lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <ab92512d0511040051u9de5524ne1fc859c7f9991ad@mail.gmail.com>
Date: Fri Nov  4 08:51:27 2005
From: cumhuronat at gmail.com (cumhur onat)
Subject: Cerberus helpdesk

hi,
I have found a vulnerability in cerberus helpdesk latest stable version,
caused by insufficient authentication checks and leads to access of files
submitted by other users.
If you open a ticket with an attachment, it can be viewed by an url like
this:
http://www.website.com/path-to-cerberus/attachment_send.php?file_id=XXXX&thread_id=YYYYYY
by changing XXXX leaving YYYYYY same, you can download other attacments and
tickets submitted by other users.
As this helpdesk is mostly used in hosting sites, and most of the users add
important details like username && password this vulnerability can lead to
serious issues.
regards,
cumhur onat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051104/7f376271/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ