Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Security)  >   Lanap BotDetect Vendors:   Lanap
Lanap BotDetect CAPTCHAs Can Be Bypassed By Remote Users
SecurityTracker Alert ID:  1016371
SecurityTracker URL:
CVE Reference:   CVE-2006-2918   (Links to External Site)
Date:  Jun 24 2006
Impact:   Host/resource access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): BotDetect ASP.NET CAPTCHA component prior to
Description:   A vulnerability was reported in Lanap BotDetect. The CAPTCHAs can be bypassed.

A remote user can replay a previous ViewState parameter value to bypass the CAPTCHA entirely.

The specific impact depends on how the CAPTCHA component is integrated with the system.

Michael White and Graham Murphy of Symantec Research discovered this vulnerability.

Impact:   A remote user can bypass the CAPTCHA.
Solution:   The vendor has issued a fixed version of the BotDetect ASP.NET CAPTCHA (
Vendor URL: (Links to External Site)
Cause:   Authentication error
Underlying OS:  Windows (Any)

Message History:   None.

 Source Message Contents

Subject:  SYMSA-2006-005


Hash: SHA1

Symantec Vulnerability Research

Security Advisory

Advisory ID   : SYMSA-2006-005

Advisory Title: Lanap CAPTCHA bypass exposure

Author        : Michael White, and

		Graham Murphy,

Release Date  : 23-06-2006

Application   : BotDetect Lanap CAPTCHA component

Platform      : ASP.NET

Severity      : Low/Limited exposure

Vendor status : Vendor verified, patch available

CVE Number    : CVE-2006-2918

Reference     :


	The CAPTCHA component for ASP.NET provided by Lanap may be

	completely bypassed, thus undermining the security benefit

	of the CAPTCHA technology.


	During a consulting engagement, Symantec identified that the

	Lanap CAPTCHA component stores the UUID and hash for a given

	CAPTCHA within the page ViewState. By replaying the ViewState

	for a known number, a remote attacker may avoid the CAPTCHA


	This behaviour is dependent on the way in which the Lanap

	component is integrated, however numerous examples including

	Lanap's demo code are identified as exhibiting this behaviour.

Vendor Response:

	The above vulnerability has been fixed in the latest release

	of the product, BotDetect ASP.NET CAPTCHA

	Licensed and evaluation versions of Lanap BotDetect ASP.NET

	CAPTCHA	are available for customer download from the Lanap

	website at

	If there are any further questions about this statement, please

	contact Lanap support.


	Upgrade to the latest release of the product,


Common Vulnerabilities and Exposures (CVE) Information:

The Common Vulnerabilities and Exposures (CVE) project has assigned

the following names to these issues.  These are candidates for

inclusion in the CVE list (, which standardizes

names for security problems.


- - - - -------Symantec Vulnerability Research Advisory Information-------

For questions about this advisory, or to report an error:

For details on Symantec's Vulnerability Reporting Policy:

Symantec Vulnerability Research Advisory Archive:

Symantec Vulnerability Research GPG Key:

- - - - -------------Symantec Product Advisory Information-------------

To Report a Security Vulnerability in a Symantec Product:

For general information on Symantec's Product Vulnerability reporting and response:

Symantec Product Advisory Archive:

Symantec Product Advisory PGP Key:

- - - - ---------------------------------------------------------------

Copyright (c) 2006 by Symantec Corp.

Permission to redistribute this alert electronically is granted

as long as it is not edited in any way unless authorized by

Symantec Consulting Services. Reprinting the whole or part of

this alert in any medium other than electronically requires

permission from


The information in the advisory is believed to be accurate

at the time of publishing based on currently available information.

Use of the information constitutes acceptance for use in an

AS IS condition. There are no warranties with regard to this


Neither the author nor the publisher accepts any liability

for any direct, indirect, or consequential loss or damage

arising from use of, or reliance on, this information.

Symantec, Symantec products, and Symantec Consulting Services

are registered trademarks of Symantec Corp. and/or affiliated

companies in the United States and other countries. All other

registered and unregistered trademarks represented in this

document are the sole property of their respective



Version: GnuPG v1.4.2.2 (GNU/Linux)






Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC