| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.GSO.4.43.0311031056040.28583-100000@tundra.winternet.com> Date: Mon, 3 Nov 2003 10:56:56 -0600 (CST) From: Ron DuFresne <dufresne@...ternet.com> To: Virginity Security <advisory@...fiweb.de> Cc: bugtraq@...urityfocus.com, <full-disclosure@...ts.netsys.com> Subject: Re: Virginity Security Advisory 2003-002 : Tritanium Bulletin Board - Read and write from/to internal (protected) Threads When did we start securing virgins?!? Thanks, Ron DuFresne On 31 Oct 2003, Virginity Security wrote: > > > - - - -------------------------------------------------------------------- > Virginity Security Advisory 2003-002 > - - - -------------------------------------------------------------------- > DATE : 2003-10-31 22:59 GMT > TYPE : remote > VERSIONS AFFECTED : <== Tritanium Bulletin Board 1.2.3 (http://www.tritanium-scripts.com/) > AUTHOR : Virginity > - - - -------------------------------------------------------------------- > > > Description: > > I found a security bug in Tritanium Bulletin Board: > Normal Users can read the content of Threads to which they have no access rights! > (and can answer to it which may be a problem if the internal forum has the right to insert html code) > > Author of the Software has been notified. > > - - - -------------------------------------------------------------------- > > > Example: > > http://[target].com/[path]/index.php?faction=reply&thread_id=[ID OF THE THREAD TO READ]&forum_id=[ID OF FORUM]&sid=[your sid] > > Shows the window where The Attacker can answer to the topic and below that a window with the content of the thread!!! > The Attacker can easily read all protected Threads since the thread_id is counted for every forum newly so just put from 1 on upwards :-) > > - - - -------------------------------------------------------------------- > > > Solution: > Hey sorry this time i had no time for a solution :-) > > - - - -------------------------------------------------------------------- > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists