Neuigkeiten:

still alive...

Hauptmenü

[Powie\"s PSCRIPT Forum] Cookie Data Vulnerability

Begonnen von , 15. Oktober 2004, 22:07:37

Vorheriges Thema - Nächstes Thema
Drucken
Nach unten Seiten1
Benutzer-Aktionen

15. Oktober 2004, 22:07:37 


Cookie Data Vulnerability
in
Powie\'s PSCRIPT Forum
Summary
Product             Powie\'s PSCRIPT Forum
Version              4.1.0 and mySQL 
ii)     
name = puserpwd, value=
Proof of Concept
Install a new, clean version of PSCRIPT Pforum <= 1.26. Run pforum_createdb.php.
Create two cookies (User ID 1, Password = \'admin\', default setting):
i)      
name = puserid, value=1
ii)     
name = puserpwd, value=43e9a4ab75570f5b
Workaround
Deactivating \"Save Login\" by outcommenting lines 91 - 97 in logincheck.php
Risk Level
Medium High. Although the PSCRIPT Forum has some XSS-Weakpoints [1] and 
Cookie Path Vulnerabilites, the \"Save Login\" is not mandatory.
Vendor
The Vendor was informed two month ago, but ignored the advisory.
 
  •  
http://dev.mysql.com/doc/mysql/en/Password_hashing.html
http://dev.mysql.com/doc/mysql/en/Encryption_functions.html
[1]
http://www.securityfocus.com/archive/1/371782/2004-08-13/2004-08-19/2



Drucken
Nach oben Seiten1
Benutzer-Aktionen
all your base are belong to us