lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <00ee01cdff18$2efd1b90$9b7a6fd5@pc> Date: Wed, 30 Jan 2013 20:31:57 +0200 From: "MustLive" <mustlive@...security.com.ua> To: <submissions@...ketstormsecurity.org>, <full-disclosure@...ts.grok.org.uk>, "1337 Exploit DataBase" <mr.inj3ct0r@...il.com> Subject: Vulnerabilities in WordPress Attack Scanner for WordPress Hello list! I want to warn you about security vulnerabilities in WordPress Attack Scanner plugin for WordPress. These are Information Leakage vulnerabilities. This is security plugin. In my 63 advisories about different vulnerabilities in WordPress plugins (http://websecurity.com.ua/3397/) I've wrote about security plugins many times. Previous time it was plugin Wordfence Security. ------------------------- Affected products: ------------------------- Vulnerable are all versions of WordPress Attack Scanner - both Free and Pro (commercial) versions of the plugin. Checked in WP-Attack-Scanner-Free 0.9.5.beta. ---------- Details: ---------- Information Leakage (WASC-13): http://site/wp-content/plugins/path/data.txt http://site/wp-content/plugins/path/archive.txt Folder "path" can be WP-Attack-Scanner or WP-Attack-Scanner-Free. Unrestricted access to the data - they can be accessed in the browser without authorization. Even the data is encrypted, but by default the password is "changepassword". If the password was not changed, then the data is easily decrypting. If it was changed, then the password can be picked up. ------------ Timeline: ------------ 2012.10.29 - announced at my site. 2012.11.03 - informed developers (at one e-mail). 2012.11.04 - informed developers (at another e-mail). 2013.01.29 - disclosed at my site (http://websecurity.com.ua/6120/). Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists