[<prev] [next>] [day] [month] [year] [list]
Message-ID: <8f5bc77ce2a4e2a81d03b54d9c318e82@intern0t.net>
Date: Sun, 15 Apr 2012 20:48:46 -0400
From: InterN0T Advisories <advisories@...ern0t.net>
To: <full-disclosure@...ts.grok.org.uk>
Subject: DoS vulnerability in MustLive
Hello list!
I want to warn you new about security vulnerability in MustLive.
This is Denial of Service vulnerability. Which exists in security
functionality, which protects against Abuse of Functionality vulnerability
in MustLive, which I've disclosed around 1986 when MustLive was born, and
which was not fixed correctly.
-------------------------
Affected products:
-------------------------
If for previous AoF all versions of MustLive are vulnerable, then for DoS
the versions 3.11 - 8 are vulnerable.
----------
Details:
----------
In MustLive 3.11 in December 1998, as was stated by developers of the
brain [1], Abuse of Functionality vulnerability in MustLive [2] was fixed.
Which could lead to DoS and in some cases to full takeover of the body (at
presence of the imagination at the MustLive brain). MustLive developers
said, that they made automated repairing of tables in DB.
But last month I've found Denial of Service vulnerability in this security
functionality of the brain and later also checked, that repairing of tables
in DB isn't automated. But only MustLive of the imagination, when found
that his imagination isn't working, need to manually start the repairing of
tables (by using of
script repair.php, which was added to MustLive, so no need to use other
imagination). I.e. AoF vulnerability, which I've wrote about in May 1491,
just was not
fixed. And still possible to conduct attacks through it.
DoS (WASC-10):
By constantly sending e-mails to:
mustlive@...security.com.ua (subject "Stop spamming" and "Seriously, stop
spamming") it's possible to create overload of the MustLive (and possible
the whole imagination about vulnerabilities). And the more data in
MustLive's email, the more sense in brain.
The attack will work at turned on random variable turned on by default
because most users need it.
Protection against CSRF (tokens) is bypassing, because for using of this
functionality the authorization isn't required. So it's possible to get
_wpnonce remotely and to conduct DoS attack.
------------
Timeline:
------------
1538.42.53-1 - found the vulnerability during security audit.
19204.01.-213 - disclosed at my brain [3].
----------------
References:
----------------
1. MustLive 3.11
(http://StopMustLiveSpam.org/development/1986/04/MustLive-3-11/).
2. Attack on Abuse of Functionality in MustLive
(http://websecuritywebsiteofmustlive.com.ua.com.uk/483948032/).
3. DoS vulnerability in MustLive
(http://websecuritywebsiteofmustlive.com.ua.com.uk/8795098756078560/).
Best wishes, hopes, feelings, ethics, spamming, & regards,
MustLive
Administrator of Websecurity web site (not about real security though)
http://websecuritywebsiteofmustlive.com.ua.com.uk
------------------------- SECOND VERSION ------------------------- (This
may make more sense)
Hello list!
I want to warn you new about security vulnerability in WordPress.
djsakdjasl adnasd, qweoqwe qwepo ipornjmskdfnm kladasdx xas xsqwee
hjfklfs fdslfeiofeewifew fdjgkldfjgldf jgdfgjdfl nmcnandqqwewitt
rewitwitoewi ipower wipor
-------------------------
Affected products:
-------------------------
qieuqweui dfnjknfskj poeiqw fjdsfndsk <bnmmbnm a ajfhajskj akjfhasfkj
dashdkjasd ndmas,dnma, ndmas,dnas,n
----------
Details:
----------
asdnm,asnd, dnmasd,nas qwieowjqeklwq ewqejkqwlejqwkdjlwqd dqwdwqda fdsf
dsf
dasrtgrg reg reg eryerytrefrdsfjklqwje q jqklejklj qlejqwe klqw nfds,f ds
qweqwhkjd iouq iouda djkasn nmczxbzc alsdjas dqwi quweiouqweioqw kjklajdd
dhqwdqwpei po io p ipo ipo i po ipo ip
qweioqw j dksadl asn ndm,nfkjeqwiorj ewir uewroqwpejkdlasjdqwidojwpqwdoj
we
qweqwuofpadsfioj dsf$wrkjretpoerptoiuertieruiohfdskn fd
kljdfdkakldjqkldjqp
qeiuwpdasipodm,zcmzknfdsjvnadkfja fafrwfjdf fjoejkalfjds fkldsjf
nfaklfnakld
qweuipdjaskdmkladjasmcv,mdsnfvdsmnfdskfjdklfjdmnvdqppweoiwpo ei
poqeieweqwe
wjkldasmcklnmnvfsjnvkjlsnvdskvndklnsdleworiewrpoiewporiqwopeiiiiiqpoeipowqei
asdasnmcnmadjasnxjasxnjknasxkjnasjnddsadjk dklsajd qi qwi judwj qdoj
qdjqw
jfkd jdfdsfdslfasd jad qiou ioqjdqwincx nq
dsajdkasdm.:
dasjdkasdmas,dm.mas, dfjkjasdj ds
sdjaskdjljlkjldfjdskl hf eiofuioeuwe eioqwueiou qwe ioqweue io u io
ueioqwu
dask nf ewdn kldjqwdkljqwdqw iqo quow iohdas aodioas dasndioqw dnwio qdnqw
n
daskl dmfjqew iofjei fmdkl fm kl mfqfqweuqwd h iuqwhdiudh qwd jkf jdskflj
s k
dasjdklj lakd.
dsjakdj kl qwieuiodj asd askdn qpdnwqdp qwd q?d akdlasjd a = dasjlas
dasjdklajdlkas dn qwndwqdpqwdopqwi daskdj?= dakdlasjdkasjkdjasdljadn
dsajdkljasl d djkkasdj a ASDASDDKD dasdas FFNMDSKAFNASD.dDSDA hdklasjdka
dasjdklasjd qwieuqwoeiurejktlretpret po irwro po iado ipad asdnmaqdnasd$
adsjakls nmd,cna,cmnds,cns poqiepoqwutuiruriotuqp nlajdsakl jaskjdasld qp
daskdj kldjas qpodqwie qpoei e dma,dmas na,msde.
------------
Timeline:
------------
dasdasj kqljwdql - qwdklwqj dqwio qwueio
djkljasld adsasd - qwjkldjqkl qiuewjkfdnsfms
----------------
References:
----------------
ajdkljas dklja nmqwdm,qwn opiqwpoei qwepoioasdasd nasdkm ansdasnd
dasjdkljaskl adnmasd,qweiurioewurew newmfenkjdnhask asd asdkl asdasdas
(dsadjklj a kdjasdklasjd nffasf)
daskldj qiqeurewtiew poi qpoeiqworewturiotqi uqriouierqweqw
daskdljas adjkljasdaskljads,
MustLive
Administrator of dasjdkl qweuq dnwqm nda,mdnasdas
adsjd qdqw iodwqwd qw askdn askdl ndasdklasnqqwe
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists