lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: 9 Jun 2010 08:25:12 -0000
From: david.kurz@...orsecurity.net
To: bugtraq@...urityfocus.com
Subject: [MajorSecurity SA-070]Plume CMS - change Admin Password via
 Cross-site Request Forgery

[MajorSecurity SA-070]Plume CMS - change Admin Password via Cross-site Request Forgery

Details
=======
Product: Plume CMS
Security-Risk: high
Remote-Exploit: yes
Vendor-URL: http://www.plume-cms.net/
Advisory-Status: published

Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info/penetrationstest.php

Affected Products:
----------------------------
Plume CMS 1.2.4
Prior versions may also be vulnerable

Introduction
============
"Plume CMS is web based content management system." 

More Details
============
We at MajorSecurity have discovered a vulnerability in Plume CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.
The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to change the administrator's password by tricking a logged in administrator into visiting a malicious web site.

Solution
================
The web application should implement some validity checks to verify the requests before performing certain actions via HTTP requests.

Workaround
================
Do not browse untrusted sites or follow untrusted links while being logged-in to the application.

MajorSecurity
================
MajorSecurity is a German penetrationtesting and security research company which focuses
on web application security. We offer professional penetrationstest, security audits,
source code reviews.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ