lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 2 Jun 2011 14:46:52 -0500
From: Robert Gilbert <rgilbert@...ock.com>
To: "cve@...re.org" <cve@...re.org>,
	"bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>
Subject: [CVE-ID REQUEST] vBulletin - Multiple Open Redirects 

Product: vBulletin
Version: 3 - 4.1.3
Release Date: 06/02/2011
Risk: Low
Authentication: Not required to exploit.
Remote: Yes

Description: 
Multiple Open Redirect vulnerabilities in vBulletin version 4.1.3 and below allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the "url" parameter. By appending ?url=http://attackersite.com any number of pages, the user will be redirected to a potentially dangerous site. This is particularly interesting when used on the registration form or the password reset form. 

Exploit Example:
http://forum.pwndshop.com/register.php?do=checkdate&url=http://attackersite.com

Vendor Notified: Yes

Reference: 
http://www.vbulletin.com/forum/showthread.php/381014-Potential-Phishing-Vector?p=2166441
https://www.owasp.org/index.php/Open_redirect

Credit:

Robert Gilbert
Senior Consultant
HALOCK Security Labs, Purpose Driven Security(tm)
rgilbert [-at-] halock [-dot-] com 
http://www.halock.com 
http://blog.halock.com 


Note: This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, and/or confidential. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by telephone and delete this message immediately.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ