lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <E1A5uOk-000Cic-00.nimber-mail-ru@f23.mail.ru>
Date: Sun, 05 Oct 2003 01:57:10 +0400
From: "nimber"  <nimber@...l.ru>
To: bugtraq@...urityfocus.com
Subject: Vulnerabilities in Easy File Sharing Web Server (1.2 NEW).


Vulnerabilities in Easy File Sharing Web Server (1.2 NEW).

+-----------------------------+
Vendor: www.sharing-file.com
Version: 1.2 (new)
Date: Sep 22, 2003
Size: 2115KB
Mini-description:
"Easy File Sharing Web Server contains several built-in systems including HTTP Web Server,multi-threads database system, Bulletin Board System, Server Script system, Password protection system. Users just need to install Easy File Sharing Web Server and no other software. All without additional configuration. 
You may create a virtual folder from your hard disk; visitors may upload/download files to/from it. Easy File Sharing Web Server is much easier to use than a typical FTP server."
+-----------------------------+
Issue: 1. Flood-atack danger. 
       2. View log-files and options.
+-----------------------------+
Solution:
(1) I have found some small vulnerabilities in the built - in forum.
- At creation new topic, field "Title:" permits to enter an empty symbol. Thus occurs potential danger of flood-attack.
- Field "Your Message:" has no fixed are long.
(2) 
- The any user can look contents log-files.
Example:
http://192.168.2.227/log/

Name   Size   Date   Description   Author 
20030728.txt 9KB 2003-07-28 15:56:34  none none 
20030730.txt 18KB 2003-07-30 16:58:58 none none 
20030807.txt 12KB 2003-08-07 13:56:18 none none 
20030811.txt 18KB 2003-08-11 13:34:15 none none 
20030812.txt 10KB 2003-08-12 17:03:20 none none 
20030815.txt 10KB 2003-08-15 16:59:58 none none 
20030818.txt 31KB 2003-08-18 14:14:30 none none 
20030902.txt 9KB 2003-09-02 14:41:57  none none 
20030904.txt 8KB 2003-09-04 14:18:59  none none 
20030905.txt 1KB 2003-09-05 09:13:28  none none 
20030908.txt 4KB 2003-09-08 12:32:22  none none

- View options.ini

Example:
http://192.168.2.227/option.ini
======[example option.ini]======
[Server] WebPages= DefaultPage=login.htm startup=1 AutoActive=1 Minimize=0 Savelog=1 Port=80 

Template=default showsys=0 showhide=0 expire=600 resume=1 smallpic=0 picsize=0 fileprotect=1 

[Email] SmtpServer=smtp.citiz.net SmtpPort=25 Account=wordsend 

Password=,207,194,202,217,216,214 NeedAuth=1 Subject=User Registration Information 

username=file-sharing web server From=wordsend@...iz.net [IP] Mode=0 
================================

For contacts:
nimber
icq: 132614
e-mail: nimber@...l.ru
Home Page: nimber.plux.ru

Greets: ZeT,euronymous,JLx and all my friends.
Hi to teams: zud team, void.ru, RusH Team, m00 security,
eXploit.ru,LWTeam, F0K Project,Free-Crew.
 
p.s> Sorry for my bad english ;)

(0_o(0_o)0_o)


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ