SecurityTracker.com
SecurityTracker Archives

Category:   Application (Generic)  >   vRating
Vendors:   vrating.com
vRating Discloses Sensitive Information and Grants Administrative Access to Remote Users
SecurityTracker Alert ID:  1010951
SecurityTracker URL:  http://securitytracker.com/id/1010951
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Aug 13 2004
Impact:   Disclosure of authentication information, Disclosure of system information, Disclosure of user information, User access via network
Exploit Included:  Yes  
Version(s): 4.0, 4.01
Description:   Security .Net Information (snilabs) reported some vulnerabilities in vRating. A remote user can view sensitive configuration information. A remote user can also gain administrative access.

It is reported that the 'settings.php' script under the 'admin' directory is served without any authentication, so a remote user can view and edit it with the following type of URL:

http://[target]/admin/settings.php

The configuration information exposed includes the MySQL host, database name, username, and password.

It is also reported that the 'admin' directory itself is not password-protected, so a remote user can reach the administrative interface directly. A demonstration exploit URL is provided:

http://[target]/admin/

Impact:   A remote user can view and edit configuration settings, including authentication information.

A remote user can access the administrative interface.
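Because no vendor fix was available, a site running an affected version can at least watch its web server logs for requests that reach the two paths named above. The following is an added example, not code from this advisory or from vrating.com: it parses Apache/nginx "combined" access-log lines and flags any request under /admin/ that was served with a 2xx status (a 401/403 means the area was actually gated), distinguishing reads and writes of settings.php from plain hits on the panel. The log lines, the 203.0.113.x addresses and the finding labels are constructed for the example.

```python
"""Detection example for the vRating /admin/ exposure described above.

Added example, not code from the advisory or from vrating.com.  It scans
Apache/nginx "combined" access-log lines for requests that reached the
unprotected /admin/ area (including /admin/settings.php) and were served
successfully, i.e. with a 2xx status rather than a 401/403 challenge.
The log lines and the 203.0.113.x addresses are constructed sample data.
"""
import re
from typing import Dict, List, Optional

# Combined log format:
# host ident user [time] "METHOD path HTTP/x" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# The two paths the advisory gives. settings.php is the sensitive one because
# it holds the MySQL host, database, username and password.
ADMIN_PREFIX = "/admin/"
SENSITIVE_PATHS = {"/admin/settings.php"}


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Return the fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify(rec: Dict[str, str]) -> Optional[str]:
    """Classify one parsed request; None means it is not interesting.

    Only 2xx responses count: a 401/403/404 means the admin area was actually
    gated (or absent), which is the behaviour a hardened deployment shows.
    """
    path = rec["path"].split("?", 1)[0]  # ignore the query string
    status = int(rec["status"])
    if not path.startswith(ADMIN_PREFIX) or not 200 <= status < 300:
        return None
    if path in SENSITIVE_PATHS:
        # A GET discloses the DB credentials; anything else is an edit attempt.
        return "credential_file_served" if rec["method"] == "GET" else "credential_file_modified"
    return "admin_panel_served"


def scan(lines: List[str]) -> List[Dict[str, str]]:
    """Return one finding per successfully served /admin/ request, in log order."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # unparseable line, skip rather than crash the scan
        kind = classify(rec)
        if kind:
            findings.append({"ip": rec["ip"], "method": rec["method"],
                             "path": rec["path"], "status": rec["status"], "kind": kind})
    return findings


# Constructed sample access log (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [13/Aug/2004:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/4.0"',
    '203.0.113.5 - - [13/Aug/2004:10:01:09 +0000] "GET /admin/ HTTP/1.1" 200 3104 "-" "Mozilla/4.0"',
    '203.0.113.5 - - [13/Aug/2004:10:01:15 +0000] "GET /admin/settings.php HTTP/1.1" 200 2210 "-" "Mozilla/4.0"',
    '203.0.113.5 - - [13/Aug/2004:10:02:40 +0000] "POST /admin/settings.php HTTP/1.1" 200 2210 "http://www.vulnerable.com/admin/settings.php" "Mozilla/4.0"',
    '203.0.113.9 - - [13/Aug/2004:11:00:00 +0000] "GET /admin/settings.php?x=1 HTTP/1.1" 403 199 "-" "curl/7.12"',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['kind']:26s} {f['ip']} {f['method']} {f['path']} -> {f['status']}")
```

The 403 line is deliberately not reported: the point of the status check is that the same request against a deployment that has put authentication in front of /admin/ produces no finding, so the rule can double as a quick regression check after the directory is locked down.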

Solution:   No solution was available at the time of this entry.
Vendor URL:  www.vrating.com/
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  Vrating multiple Vulnerabilities:


Security .Net Information (snilabs) Advisory:

Vrating multiple Vulnerabilities:

1) Vrating Lets Remote Users Read and Edit Files

A bug has been encountered in vrating 4.01 and 4.0: a remote user can view and
edit the settings.php file.

The file settings.php has no protection, so a remote user can view the
file and see the website settings, including the mysql host, database,
username and password.

example:

http://www.vulnerable.com/admin/settings.php

2) The Vrating default admin dir is not protected with a password, so
remote users can view and edit the website configuration and access the
configuration control panel.

example:

http://www.vulnerable.com/admin/

Vendor Contacted: not yet .. lol

Greetz: friends of #reflux

snilabs: sbnilabs@gmail.com radiarx.oceanius.com #sni-labs

Copyright 2021, SecurityGlobal.net LLC