lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BAY143-W1770A899C934B99E8510E6BF260@phx.gbl>
Date: Thu, 7 Jun 2007 21:12:31 +0000
From: titanichacker titanichacker <titanichacker@....com>
To: <submit@...w0rm.com>
Cc: <bugtraq@...urityfocus.com>
Subject: Zen Help Desk ==> Version 2.1 Bypass/


--/ INTRODUCTION --

*
*
* Advisory : Zen Help Desk ==> Version 2.1 Bypass/Database Download Vulnerability
* Release Date : 25 / 05 / 2007
* Application : Zen Help Desk ==> Version 2.1
* Impact : Remote
* Googledork : "CopyRight 2004  Zen Help Desk" ,allintitle:Zen Help Desk or 
* or"allinurl:trackrequest.asp"
* Author : Titanichacker
* Contact : the-modest-pirate (at) hotmail (dot) com [email concealed]
* Home page : http://Hack-Teach.org
*
*

--/ REPRODUCE --

# Attackers Can Authentication Bypass In This Product By Add The Following 
Files:
('/ZenHelpDesk.mdb') And Download The Database Which Contains Table Named 
[admin]
The admin Name And Password Inside


thanx

cold-zero & mohandko & tryag team & hack-teach & drbaka & arb-hawk

# www.Hack-Teach.com & mohandko.com & tryag.com
_________________________________________________________________
Play free games, earn tickets, get cool prizes! Join Live Search Club. 
http://club.live.com/home.aspx?icid=CLUB_wlmailtextlink

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ