| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4D5E7F21.4000801@ntlworld.com> Date: Fri, 18 Feb 2011 14:16:01 +0000 From: Jacqui Caren-home <jacqui.caren@...world.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: [AntiSnatchOr] Drupal <= 6.20 insecure Captcha defaults PoC On 15/02/2011 16:55, Michele Orru wrote: > 2011/2/14 MustLive<mustlive@...security.com.ua>: >> Hello Michele! >> >> Few days ago I saw your advisory about Drupal's captcha. It's interesting >> advisory, but I have one note concerning it - your research is very close to >> mine ;-) (it concerns similar holes which I found before you). > > I didn't found anything in FD or other public lists mentioning > this issue before, so.... :) Its not just Drupal - a number of captcha systems are open to attacks of this form. For instance hotfile.com is randomly open, allowing downloads of multiple files because of capcha "cookie replay". I have seen this - by accident I should point out - on a number of (commercial) sites where captcha is employed for login or download sanity checks. The most recent system to be borked during upgrade was http://www.nextgenserver.com/calculator/ Jacqui _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists