Bugtraq mailing list archives

Re: Subscribe Me CGI Vulnerability


From: CGI Script Center Support <support () cgiscriptcenter com>
Date: Wed, 23 Aug 2000 10:01:15 -0700

Hello,

Thank you for bringing the below problem to our attention. In the
interests of protecting the users of programs, it always helps to know this
information prior to it becoming public, so that those users have time to
upgrade.  We have no problem with such problems being disclosed publicly,
other than the obvious security ramifications for users.  I hope the
respective tracking companies will consider the ramifications prior to
posting this information.

The below problem was solved with a simple check for an existing password
file in the sub setpwd routine:

if (-e "$passfile/password.txt") {
    print "Content-type: text/html\n\n";
    print "Password already exists. Please delete your password file manually if you want to reset your password<BR>";
    exit;
}



The affected programs have already been fixed and updated, and the new
downloads are already available.


Thanks, once again, for bringing these problems to our attention.





CGI Script Center Support
support () cgiscriptcenter com

  -----Original Message-----
  From: n30 [mailto:n30 () alldas de]
  Sent: Wednesday, August 23, 2000 3:08 PM
  To: cgi () elitehost com; bugtraq () securityfocus com; gov-boi () hack co za;
submissions () packetstorm securify com; trib () alldas de
  Subject: Subscribe Me CGI Vulnerability


  Product: Subscribe Me
  Versions: All version numbers, LITE only
  Vendor: Notified, http://www.cgiscriptcenter.com/

  The Problem:

      Once again a remote user can alter the Admin Password for the Subscribe Me
  Admin Control Panel, allowing a user to add and remove ppl from the list as well
  as initiate a mailing with a message body of their choice.

  Exploit:

      See the html attachment included.

  Patches:

      There should be one shortly after they fix Account Manager :)

  n30
  n30 () alldas de

Attachment: sublite20.zip
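The fix the vendor describes is an existence check before the password file is written. The following is an added example, not code from Subscribe Me or from either poster: it models the unchecked routine, the vendor-style `-e` check, and a variant that creates the file with O_CREAT|O_EXCL so the check and the write are a single operation. Names (`setpwd_*`, `demo`) and the password values are constructed for the illustration.

```python
import os
import tempfile

# Constructed model of a "set admin password" CGI routine (not the vendor's
# Perl). The password file lives at <passdir>/password.txt, as in the advisory.


def setpwd_unchecked(passdir, new_password):
    """Pre-fix behaviour: any request overwrites password.txt unconditionally."""
    path = os.path.join(passdir, "password.txt")
    with open(path, "w") as fh:
        fh.write(new_password + "\n")
    return True


def setpwd_checked(passdir, new_password):
    """Vendor-style fix: refuse when password.txt already exists (the -e test)."""
    path = os.path.join(passdir, "password.txt")
    if os.path.exists(path):
        return False
    with open(path, "w") as fh:
        fh.write(new_password + "\n")
    return True


def setpwd_atomic(passdir, new_password):
    """Hardened variant: O_EXCL fails if the file exists, with no gap between
    the existence check and the create, and the file is created mode 0600."""
    path = os.path.join(passdir, "password.txt")
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    except FileExistsError:
        return False
    with os.fdopen(fd, "w") as fh:
        fh.write(new_password + "\n")
    return True


def read_password(passdir):
    with open(os.path.join(passdir, "password.txt")) as fh:
        return fh.readline().rstrip("\n")


def demo(setter):
    """Run a setter twice in a fresh directory: first the legitimate setup,
    then a second unauthenticated request. Returns (first, second, stored)."""
    with tempfile.TemporaryDirectory() as d:
        first = setter(d, "owner-chosen")
        second = setter(d, "second-request")
        return first, second, read_password(d)
```

With the unchecked routine the second request wins; with either checked routine it is refused and the original password survives.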