SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Commerce)  >   ClickCartPro Vendors:   Kryptronic
ClickCartPro E-Commerce Software Configuration Error May Disclose Administrator Password to Remote Users
SecurityTracker Alert ID:  1004825
SecurityTracker URL:  http://securitytracker.com/id/1004825
CVE Reference:   CVE-2002-2310   (Links to External Site)
Updated:  Jun 3 2008
Original Entry Date:  Jul 24 2002
Impact:   Disclosure of authentication information
Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 4.0
Description:   A configuration vulnerability was reported in the ClickCartPro commerce software. A remote user may be able to access the administrative database containing the administrator's password.

SecuriTeam reported that, due to an unspecified configuration error, a remote user can obtain a copy of the administrative database using the following type of URL:

http://site/data/site/admin_user.db
http://site/cp/data/site/admin_user.db
http://site/data/cp/site/admin_user.db

According to the report, the admin_user file contains the username and password of the webmaster and administrator of the site.

SecuriTeam credits Leo Siagian and Electronic Commerce Department - Kryptronic, Inc. with reporting this flaw.

Impact:   A remote user may be able to obtain the administrator's password.
Solution:   The vendor recommends in their README file that the files in the data directory be protected, either by using web server access controls on the directory or by placing the directory outside of the web document directory.
Vendor URL:  www.clickcartpro.com/app/cgi-bin/cp-app.cgi?pg=main_products_ccp (Links to External Site)
Cause:   Configuration error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  [NEWS] ClickCartPro Security Vulnerability (Misconfiguration)


The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -



  ClickCartPro Security Vulnerability (Misconfiguration)
------------------------------------------------------------------------


SUMMARY

 <http://www.clickcartpro.com/> ClickCartPro is a complete e-commerce 
solution. Manage a store with products for sale. Features include 
categories, specials, shipping flexibility, admin statistics, order 
tracking, discounts, a mail list program, file upload utilities, a banner 
ad rotation program, multiple product options, and relationships, more. A 
security vulnerability has been found in several configurations under the 
Windows operating system due to a misconfiguration issue.

DETAILS

Vulnerable systems:
 * ClickCartPro version 4.0

Example:
Accessing the following URL will allow access to the user's database:
http://site/data/site/admin_user.db
http://site/cp/data/site/admin_user.db
http://site/data/cp/site/admin_user.db

The admin_user file contains the username and password of the webmaster 
and administrator of the site.

Vendor response:
From the README:
Protecting the files in the data directory is of the highest importance. 
Owners who will be running this package on Apache web server with 
htaccess file protection enabled can place this directory in the same 
location as the web accessible portion of their site. .htaccess files are 
provided with the directory to ensure browsing via the web will not be 
allowed. For those owners with Windows servers or for those not running 
Apache web server, it is highly recommended that the data directory be 
stored in a non-web accessible portion of your account.


ADDITIONAL INFORMATION

The information has been provided by  <mailto:du1tku@yahoo.com> Leo 
Siagian and  <mailto:ec@kryptronic.com> Electronic Commerce Department - 
Kryptronic, Inc..



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any kind. 
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business
 profits or special damages. 






 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, SecurityGlobal.net LLC