Bugtraq mailing list archives
Re: Hosting Controller Vulnerability
From: Ben M <webmaster () theratnerschool org>
Date: 15 Jul 2002 05:07:42 -0000
In-Reply-To: <20020714213121.A7F7E36F9 () sitemail everyone net>
Instead of using something like @stake web proxy, could you also save the HTML output of (/accounts/updateuserdesc.asp) locally and change username to administrator and re-submit the form?
I am not sure; it depends on how your browser handles the cookies. The login cookie is an ASP session cookie.
And how are they validating the user name after applying the patch?
You can look at the patch; it is in ASP, so you can read it. All it does is select the users you have the rights to admin and check that the user you are editing is one of those users.
Regards,
---------
Muhammad Faisal Rauf Danka
Chief Technology Officer
Gem Internet Services (Pvt) Ltd.
web: www.gem.net.pk
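Added example, not part of the original message and not Hosting Controller's patch: a Python sketch of the check described in the reply above, where the set of accounts the session owner may administer is looked up server-side and the submitted username must be in it. The account names, the `MANAGES` table and all function names are hypothetical.

```python
# Added illustration; not Hosting Controller code. All names and data are hypothetical.

class Forbidden(Exception):
    """Raised when the session owner may not edit the requested account."""

# Constructed sample data: each account maps to the set of accounts it may administer.
MANAGES = {
    "administrator": {"administrator", "reseller1", "alice", "bob"},
    "reseller1": {"reseller1", "alice"},
    "alice": {"alice"},
}

def new_store():
    """Fresh description table so each run starts from the same state."""
    return {name: "original" for name in MANAGES["administrator"]}

def update_unpatched(store, session_user, form):
    # Pre-patch behaviour as discussed in the thread: the account to edit is
    # taken from the submitted form, so whatever the client sends is trusted.
    store[form["username"]] = form["description"]

def manageable_users(session_user):
    # Server-side lookup keyed on the authenticated session, never on form data.
    return MANAGES.get(session_user, set())

def update_patched(store, session_user, form):
    # Post-patch logic as described: select the users the caller has rights to
    # administer, then check that the edited user is one of them.
    target = form.get("username", "")
    if target not in manageable_users(session_user):
        raise Forbidden(f"{session_user!r} may not edit {target!r}")
    store[target] = form["description"]

def demo():
    form = {"username": "administrator", "description": "changed"}  # edited form field
    before, after = new_store(), new_store()
    update_unpatched(before, "alice", form)
    try:
        update_patched(after, "alice", form)
        blocked = False
    except Forbidden:
        blocked = True
    return before["administrator"], after["administrator"], blocked

if __name__ == "__main__":
    print(demo())
```

The decision depends only on the session identity and the server-side table, so it holds whether the form is edited in a proxy or saved locally and re-submitted.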