LiteWeb Lets Remote Users Access Restricted Pages

SecurityTracker Alert ID: 1014096

SecurityTracker URL: http://securitytracker.com/id?1014096

CVE Reference: GENERIC-MAP-NOMATCH

Date: Jun 3 2005

Impact: Disclosure of system information, Disclosure of user information, User access via network

Exploit Included: Yes
Vendor Confirmed: Yes

Advisory: Global Security Solution IT (GSSIT)

Version(s): 2.5
Description: Ziv Kamir from Global Security Solution IT reported a vulnerability in LiteWeb. A remote user can access ostensibly protected files on the target system.
A remote user can request the following types of URLs to access password-protected files on the target server without having to authenticate:
http://[target]/\admin\/login.html
http://[target]//admin//login.html
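As an added illustration (not part of the advisory and not LiteWeb's own code, whose internals the report does not describe), the check below shows why a literal prefix match on the raw request path misses the two URL forms listed above, and how canonicalizing the path before the access check restores the protection. The /admin/ prefix and the sample requests are constructed; the comparison also folds case, since Windows file names are case-insensitive.

```python
from urllib.parse import unquote

# Constructed: the password-protected directory from the advisory's example URLs.
PROTECTED_PREFIXES = ("/admin/",)


def canonicalize_path(raw_path: str) -> str:
    """Return the request path in the form the Windows file system will resolve.

    Windows treats '\\' and '/' as equivalent separators and collapses runs of
    them, so an access check that compares the raw path against '/admin/'
    sees a different string than the one the file system actually opens.
    """
    path = unquote(raw_path)            # decode %5C / %2F style encodings
    path = path.replace("\\", "/")      # backslash is a separator on Windows
    parts = []
    for segment in path.split("/"):     # '//' yields empty segments; drop them
        if segment in ("", "."):
            continue
        if segment == "..":             # resolve parent references
            if parts:
                parts.pop()
            continue
        parts.append(segment)
    return "/" + "/".join(parts)


def naive_is_protected(raw_path: str) -> bool:
    """Literal prefix match on the raw path: the pattern the advisory describes."""
    return raw_path.startswith(PROTECTED_PREFIXES)


def is_protected(raw_path: str) -> bool:
    """Canonicalize first, then compare case-insensitively (Windows names are)."""
    return canonicalize_path(raw_path).lower().startswith(PROTECTED_PREFIXES)


# Constructed sample requests: the two URL paths from the advisory plus a plain one.
SAMPLE_PATHS = ["/admin/login.html", "/\\admin\\/login.html", "//admin//login.html"]

if __name__ == "__main__":
    for p in SAMPLE_PATHS:
        print(f"{p!r:28} naive={naive_is_protected(p)!s:5} "
              f"canonical={canonicalize_path(p)!r} protected={is_protected(p)}")
```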
The vendor was notified on June 2, 2005.
Impact: A remote user can access password-protected files on the target system.
Solution: No solution was available at the time of this entry. The vendor plans to issue a fix in the next version.
Vendor URL: www.cmfperception.com/liteweb.html
Cause: Authentication error
Underlying OS: Windows (Any)
Reported By: GSS IT <gss_it@yahoo.com>
Message History:
None.
Source Message Contents
Date: Thu, 2 Jun 2005 11:24:08 -0700 (PDT)
From: GSS IT <gss_it@yahoo.com>
Subject: LiteWeb 2.5
02/06/05
====================================
GSSIT - Global Security Solution IT
====================================
-------------------------------------------------------
Application: LiteWeb Server
Web Site: www.cmfperception.com
Versions: 2.5
Platform: Windows
Bug: An access control vulnerability.
Credits:
#########################################
#             == Ziv Kamir ==           #
#                                       #
#  GSSIT - Global Security Solution IT  #
#                                       #
#  Email : gss_it@yahoo.com             #
#                                       #
#  Web : www.gssit.co.il                #
#                                       #
#########################################
---------------------
1) Introduction
2) Bug
3) The Code
4) Fix
================
1) Introduction
================
LiteWeb is a powerful web server that handles multiple domains
and supports PHP, Perl, MySQL, and much more.
=======
2) Bug
=======
A remote user may obtain password-protected files on the server without having to authenticate.
===========
3) The Code
===========
http://Target/\admin\/login.html
http://Target//admin//login.html
======
4) Fix
======
Date of Vendor Notification:
----------------------------
02/06/05
Response:
---------
02/06/05
It will be fixed in the next version.
==============================================================================================
*** The Data is for educational purpose only. ***
The information in this bulletin is provided "AS IS" without
warranty of any kind. In no event shall we be liable for any
damages whatsoever including direct, indirect, incidental,
consequential, loss of business profits or special damages.
==============================================================================================