lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20031104000933.20822.qmail@webbox119.konfiweb.de> Date: 4 Nov 2003 00:09:33 -0000 From: advisory@...fiweb.de To: Ron DuFresne <dufresne@...ternet.com> Cc: "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>, "full-disclosure@...ts.netsys.com" <full-disclosure@...ts.netsys.com> Subject: Re: Re: Virginity Security Advisory 2003-002 : Tritanium Bulletin Board - Read and write from/to internal (protected) Threads Just look for "Virginity Security Advisory 2003-001" Besides: We do not secure virgins, our group name is just Virginity Security Research Center what has nothing to do with the human virginity but with the virginity of computers!! Am 03.11.2003 17:53:03, schrieb Ron DuFresne <dufresne@...ternet.com> : > > When did we start securing virgins?!? > > Thanks, > > Ron DuFresne > > On 31 Oct 2003, Virginity Security wrote: > > > > > > > - - - -------------------------------------------------------------------- > > Virginity Security Advisory 2003-002 > > - - - -------------------------------------------------------------------- > > DATE : 2003-10-31 22:59 GMT > > TYPE : remote > > VERSIONS AFFECTED : <== Tritanium Bulletin Board 1.2.3 (http://www.tritanium-scripts.com/) > > AUTHOR : Virginity > > - - - -------------------------------------------------------------------- > > > > > > Description: > > > > I found a security bug in Tritanium Bulletin Board: > > Normal Users can read the content of Threads to which they have no access rights! > > (and can answer to it which may be a problem if the internal forum has the right to insert html code) > > > > Author of the Software has been notified. > > > > - - - -------------------------------------------------------------------- > > > > > > Example: > > > > http://[target].com/[path]/index.php?faction=reply&thread_id=[ID OF THE THREAD TO READ]&forum_id=[ID OF FORUM]&sid=[your sid] > > > > Shows the window where The Attacker can answer to the topic and below that a window with the content of the thread!!! > > The Attacker can easily read all protected Threads since the thread_id is counted for every forum newly so just put from 1 on upwards :-) > > > > - - - -------------------------------------------------------------------- > > > > > > Solution: > > Hey sorry this time i had no time for a solution :-) > > > > - - - -------------------------------------------------------------------- > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > "Cutting the space budget really restores my faith in humanity. It > eliminates dreams, goals, and ideals and lets us get straight to the > business of hate, debauchery, and self-annihilation." -- Johnny Hart > ***testing, only testing, and damn good at it too!*** > > OK, so you're a Ph.D. Just don't touch anything. > > > ------- Gesendet mit Konfiweb.de >und du siehst die Dinge anders _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists