SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   
Category:  Application (Generic)  >  vRating
Vendors:  vrating.com
vRating Discloses Sensitive Information and Grants Administrative Access to Remote Users
SecurityTracker Alert ID:  1010951
SecurityTracker URL:  http://securitytracker.com/id?1010951
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Aug 13 2004
Impact:  Disclosure of authentication information, Disclosure of system information, Disclosure of user information, User access via network
Exploit Included:  Yes  
Version(s): 4.0, 4.01
Description:  Security .Net Information (snilabs) reported some vulnerabilities in vRating. A remote user can view sensitive configuration information. A remote user can also gain administrative access.

It is reported that a remote user can view and edit the 'settings.php' file with the following type of URL:

http://[target]/admin/settings.php

The configuration information includes mysql host, database, username, and password.

It is also reported that a remote user can access the 'admin' directory to gain access to the administrative interface. A demonstration exploit URL is provided:

http://[target]/admin/

Impact:  A remote user can view and edit configuration settings, including authentication information.

A remote user can access the administrative interface.

Solution:  No solution was available at the time of this entry.
Vendor URL:  www.vrating.com/
Cause:  Access control error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)
Reported By:  "Security .Net Information" <snilabs@gmail.com>
Message History:   None.
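With no vendor fix available at the time of this entry, the practical defensive step is to confirm that the two paths named above (/admin/ and /admin/settings.php) are not being served to unauthenticated clients. The following added example, which is not part of the SecurityTracker entry or of vRating, scans web-server access-log lines in the common "combined" format and flags successful (2xx) requests to those paths where the server recorded no authenticated user; the log lines are constructed for illustration.

```python
import re
from typing import Dict, List

# Apache/nginx "combined" access-log format (assumed layout).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Paths named in the advisory: the unprotected admin directory and the
# settings.php file that holds the MySQL host, database and credentials.
SENSITIVE_PATHS = ("/admin/", "/admin/settings.php")


def is_sensitive(path: str) -> bool:
    """Match an advisory path, ignoring any query string and letter case."""
    bare = path.split("?", 1)[0].lower()
    return bare in SENSITIVE_PATHS


def find_exposures(lines: List[str]) -> List[Dict[str, str]]:
    """Return requests that reached an advisory path AND succeeded (2xx)
    with no authenticated user recorded by the web server ("-" field).
    A 401/403, or a 2xx with a user name, means a front-end auth rule
    is in place; an unauthenticated 2xx means the files are exposed."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        rec = m.groupdict()
        if not is_sensitive(rec["path"]):
            continue
        if 200 <= int(rec["status"]) < 300 and rec["user"] == "-":
            hits.append(rec)
    return hits


# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [13/Aug/2004:02:26:36 -0300] "GET /admin/settings.php HTTP/1.1" 200 1843 "-" "Mozilla/4.0"',
    '203.0.113.7 - - [13/Aug/2004:02:26:40 -0300] "GET /admin/ HTTP/1.1" 200 5120 "-" "Mozilla/4.0"',
    '198.51.100.2 - - [13/Aug/2004:03:00:01 -0300] "GET /index.php HTTP/1.1" 200 2210 "-" "Mozilla/4.0"',
    '198.51.100.9 - - [13/Aug/2004:03:05:12 -0300] "GET /admin/settings.php HTTP/1.1" 401 381 "-" "curl/7.0"',
    '192.0.2.5 - admin [13/Aug/2004:03:10:00 -0300] "GET /admin/ HTTP/1.1" 200 5120 "-" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for h in find_exposures(SAMPLE_LOG):
        print(f'{h["ts"]} {h["ip"]} {h["method"]} {h["path"]} -> {h["status"]} unauthenticated')
```

Run against a real log, only the first two sample lines would be reported: the 401 shows an auth rule rejecting the request, and the last line shows an authenticated administrator.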


Source Message Contents

Date:  Fri, 13 Aug 2004 02:26:36 -0300
From:  "Security .Net Information" <snilabs@gmail.com>
Subject:  Vrating multiple Vulnerabilities:

 
 
Security .Net Information (snilabs) Advisory:
 
Vrating multiple Vulnerabilities:
 
1) Vrating Lets Remote Users Read and Edit the Files
 
A bug has been encountered in Vrating 4.01 and 4.0: a remote user can view and
edit the settings.php file.
 
The file settings.php does not have protection, so a remote user can view the
file and view the website settings, including the mysql host, database, username and password.
 
example:
 
http://www.vulnerable.com/admin/settings.php
 
2) The Vrating default admin dir is not protected with a password;
remote users can view and edit
a website configuration and access the configuration control panel.
 
example:
 
http://www.vulnerable.com/admin/
 
Vendor Contacted: not yet .. lol
 
Greetz: friends of #reflux
 
snilabs: sbnilabs@gmail.com radiarx.oceanius.com #sni-labs
 


Copyright 2004, SecurityGlobal.net LLC