SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Grub Web Crawler Vendors:   LookSmart, Ltd.
Grub Web Crawler Discloses Password to Local Users
SecurityTracker Alert ID:  1007182
SecurityTracker URL:  http://securitytracker.com/id/1007182
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jul 14 2003
Impact:   Disclosure of authentication information, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 1.3.7
Description:   A vulnerability was reported in the Grub web crawler. A local user can view passwords.

exploitlabs.com warned that the software stores user passwords in plain text within the Windows registry. A local user can view the 'userEmail' and 'userPassword' elements of the 'HKEY_CURRENT_USER\Software\VB and VBA Program Settings\GrubClient\Settings' key to see the passwords.

The vendor was reportedly notified on June 4, 2003 and responded the same day.

Impact:   A local user can view the user passwords.
Solution:   The vendor has reportedly issued a fixed version (1.4.3), available at:

http://www.grub.org/html/downloads.php

Vendor URL:  www.grub.org/ (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  [0day] Grub Distributed Client - Cleartext Passwords


-= 0day - Freedom of Voice - Freedom of Choice =-

------------------------------------------------------------------
          - EXPL-A-2003-016 exploitlabs.com Advisory 016
------------------------------------------------------------------
       -=- Looksmart / Grub Distributed Webcrawling Client -=-


Donnie Werner
http://exploitlabs.com


Vunerability(s):
----------------
1.local clear user / password in windows registry


Product:
--------
http://www.grub.org/
http://www.looksmart.com/

Vulnerable:
grub-client-1.3.7.exe   May 12, 2003
grub-client-1.3.7.zip   May 12, 2003

Not Vunerable:
grub-client-1.4.3.exe [CURRENT] Jul 2, 2003
grub-client-1.4.3.zip [CURRENT]  Jul 2, 2003
patch-to-1.4.3.exe [CURRENT]  Jul 2, 2003
patch-to-1.4.3.zip [CURRENT]  Jul 2, 2003


Description of product:
-----------------------
 "Grub uses the power of distributed computing to build the best
search on the Web.
It automatically crawls the Web in the background, borrowing your
computer's spare
clock cycles, so you won't even notice it's there. The download is
quick, you control
how much you crawl, and the cool screensaver shows you the real-time
progress your
computer is making. You can even compare your stats to other Grubsters
in the project!
Help perfect the search engine. Join the Grub project today!"


Company Profile:
----------------
"LookSmart is a leader in Search Targeted Marketing. Through its
innovative LookListingsTM
suite of commercial search listings products and graphical advertising
products, LookSmart
enables large and small businesses alike to expose their products and
services to customers
at the precise moment they're searching for that very thing. The
result is a better search
experience for the user, as well as highly qualified leads and lower
customer acquisition
costs for the business. The LookSmart network reaches 77%* of Internet
users, and includes
Microsoft's MSN, Excite@Home, AltaVista, Netscape Netcenter, Inktomi,
Prodigy, Juno, CNN.com,
Road Runner, Cox Interactive Media, InfoSpace (Go2Net, Dogpile,
MetaCrawler) and Ask Jeeves."
*Media Metrix June 2001 Digital Media Audience Ratings


Reviews:
--------
http://www.fortune.com/fortune/smallbusiness/skeptic/0,15704,453288,00.html
David Lidsky
http://www.wired.com/news/infostructure/0,1377,58497,00.html
http://slashdot.org/article.pl?sid=03/04/19/1916209&mode=thread&tid=95



VUNERABILITY / EXPLOIT
======================

Local:
------
Passwords and user names are stored cleartext inside registry under
Windows OS


REG Key
Subkey ( data )

HKEY_CURRENT_USER\Software\VB and VBA Program
Settings\GrubClient\Settings
userEmail
userPassword


Vendor Fix:
-----------
upgrade to..
grub-client-1.4.3


Vendor Contact:
---------------
June 4 2003 left a message at Tel: 415.348.7000 @3am advising them of
my impending release
at 12pm.

Callback 9:10am from corp office.
kord@grub.org
kord campel 415-348-7691

Vendor knows and is working on the issue.

July 10 2003 Installed new client and note issue resolved.


Credits:
--------
Donnie Werner
http://exploitlabs.com "finding your holes is job one, and plugging
them twice the fun"
morning_wood@exploitlabs.com

Original Advisory at
http://exploitlabs.com/files/advisories/grub-client.txt
This Advisory is at
http://exploitlabs.com/files/advisories/EXPL-A-2003-016-grub-client.txt

_______________________________________________
0day mailing list
0day@nothackers.org
http://nothackers.org/mailman/listinfo/0day

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC