HTMLJunction EZGuestbook Discloses Database to Remote Users
SecurityTracker Alert ID: 1013912
SecurityTracker URL: http://securitytracker.com/id?1013912
CVE Reference: GENERIC-MAP-NOMATCH
Date: May 6 2005
Impact: Disclosure of system information, Disclosure of user information
Exploit Included: Yes
Description: g0rellazz G0r from Team-evil Moroccain Hackers reported a vulnerability in HTMLJunction's EZGuestbook. A remote user can obtain the guestbook database.
The default configuration does not provide access controls for the database directory. A remote user can directly download the 'guestbook.mdb' database file.
A demonstration exploit URL is provided:
http://[target]/ezguestbook/datastores/guestbook.mdb
Impact: A remote user can download the guestbook database.
Solution: No vendor solution was available at the time of this entry.
[Editor's note: Web server access controls may be applied to the 'datastores' directory as a workaround.]
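As an added defensive example (not part of this SecurityTracker entry, the reporter's message, or any EZGuestbook code), the following Python script scans web server access logs in Common Log Format for requests into the 'datastores' directory named above. An administrator can use it to confirm whether the database file was actually retrieved before the workaround was applied, and whether requests are being denied (401/403/404) after access controls were put in place. The log lines are constructed for this example, and the log format regex, path normalization, and function names are assumptions rather than anything the vendor ships.

```python
"""Find requests for the EZGuestbook datastore directory in web server access logs."""
import posixpath
import re
from dataclasses import dataclass
from urllib.parse import unquote

# Common Log Format (NCSA) as produced by Apache or by IIS log conversion.
# This regex is an assumption for the example, not a vendor-specified format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-)'
)

# Directory named in the advisory. Compared case-insensitively because the
# affected platform is Windows, where the file system ignores case.
EXPOSED_PREFIX = "/ezguestbook/datastores/"


@dataclass
class Hit:
    ip: str
    ts: str
    path: str      # normalized request path, original case preserved
    status: int
    size: int      # response bytes (0 when the log records '-')


def normalize_path(raw: str) -> str:
    """Strip the query string, percent-decode, and collapse './' and '../' segments."""
    path = raw.split("?", 1)[0]
    return posixpath.normpath(unquote(path))


def find_datastore_hits(lines):
    """Return every parsable request whose path falls under the datastores directory."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed or non-CLF line: skip rather than fail
        path = normalize_path(m.group("path"))
        if not path.lower().startswith(EXPOSED_PREFIX):
            continue
        size = 0 if m.group("bytes") == "-" else int(m.group("bytes"))
        hits.append(Hit(m.group("ip"), m.group("ts"), path,
                        int(m.group("status")), size))
    return hits


def summarize(hits):
    """Split hits into likely disclosures (2xx) and denied attempts (401/403/404)."""
    disclosed = [h for h in hits if 200 <= h.status < 300]
    blocked = [h for h in hits if h.status in (401, 403, 404)]
    return disclosed, blocked


# Constructed sample log for this example (RFC 5737 documentation addresses).
SAMPLE_LOG = [
    '203.0.113.7 - - [06/May/2005:10:15:02 +0000] "GET /ezguestbook/default.asp HTTP/1.1" 200 4821',
    '203.0.113.7 - - [06/May/2005:10:15:09 +0000] "GET /ezguestbook/datastores/guestbook.mdb HTTP/1.1" 200 352256',
    '198.51.100.23 - - [06/May/2005:11:02:44 +0000] "GET /EZGuestbook/./Datastores/Guestbook%2Emdb HTTP/1.1" 200 352256',
    '198.51.100.23 - - [06/May/2005:11:40:10 +0000] "GET /ezguestbook/datastores/guestbook.mdb HTTP/1.1" 403 1219',
    'this line is not in common log format',
]

if __name__ == "__main__":
    disclosed, blocked = summarize(find_datastore_hits(SAMPLE_LOG))
    for h in disclosed:
        print(f"DISCLOSED {h.ts} {h.ip} {h.path} ({h.size} bytes)")
    for h in blocked:
        print(f"blocked   {h.ts} {h.ip} {h.path} status={h.status}")
```

Run it against a real log by replacing SAMPLE_LOG with the file's lines. A 2xx response with a body size matching the size of 'guestbook.mdb' on disk is the strongest indicator that the database, including the administrative password the reporter mentions, was retrieved; a steady stream of 403s after the workaround confirms the access control is in effect. Mixed-case and percent-encoded paths are normalized before comparison so that trivial variants of the request are not missed.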
Vendor URL: htmljunction.net/phpBB2/viewforum.php?f=17
Cause: Access control error, Configuration error
Underlying OS: Windows (Any)
Reported By: g0rellazz G0r <l8oo8l@gmail.com>
Message History:
None.
Source Message Contents
Date: Thu, 5 May 2005 16:44:52 +0000
From: g0rellazz G0r <l8oo8l@gmail.com>
Subject: ezguestbook vulnerability
Team-evil Moroccain Hackers
A remote user can obtain the database, which includes the administrative password.
http://www.target.com/ezguestbook/datastores/guestbook.mdb