SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (News)  >   BAVO Vendors:   Lambrechts, Floris
BAVO PHP-based Web News Software Authentication Bug Lets Remote Users Gain Administrative Access to the Application
SecurityTracker Alert ID:  1003503
SecurityTracker URL:  http://securitytracker.com/id/1003503
CVE Reference:   CVE-2002-1719   (Links to External Site)
Updated:  May 20 2008
Original Entry Date:  Feb 10 2002
Impact:   User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 0.3
Description:   An authentication vulnerability was reported in BAVO, a PHP-based news-oriented web server application. A remote user can gain 'admin' access on the application.

The vulnerability was due to a bug in the checking of administrator passwords. Administator passwords were not checked so that any remote user could perform administrative functions on the application, including deleting or editing messages.

The vendor reports that Bavo is a work-in-progress and should *never* be used in an environment where security is required.
Impact:   A remote user can gain 'admin' access on the application and can delete or edit messages.
Solution:   The vendor has released a fixed version (0.3.1), available at:

http://freshmeat.net/redir/bavo/19259/url_tgz/bavo-0.3.1.tgz

The vendor strongly notes that BAVO is a work-in-progress and is not intended for security critical environments.
Vendor URL:  friet.patat.org/~florizla/bavo/ (Links to External Site)
Cause:   Authentication error
Underlying OS:   Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.

 Source Message Contents
Date:  Sun, 10 Feb 2002 00:05:59 -0500
Subject:  BAVO 0.3.1


  BAVO 0.3.1
  by floris lambrechts (http://freshmeat.net/users/florisla/)
  Thursday, February 7th 2002 18:38

Internet :: WWW/HTTP :: Dynamic Content :: Message Boards

About: BAVO is (yet another) lightweight newsreader written in PHP. It
has no identity checks for users, having them only for admins. It is
thus useful mainly on LANs, where you trust the site's visitors. It is
meant to be used when CMS/portal systems like PHP-Nuke and Slashcode are
way too bloated, but where you'd still want a newspage. It therefore
uses no database, no polls, no moderation, and no cookies. However, it
looks nice and the admin(s) can edit/remove messages and reactions.

Changes: One major security flaw is fixed, along with some minor
usability bugs. The code and documentation is updated. This is the first
really solid release.

License: GNU General Public License (GPL)

URL: http://freshmeat.net/projects/bavo/

The vendor reports that Bavo is a work-in-progress and should *never* 
be used in an environment where security is required.

The vulnerability was due to a bug in the checking of administrator 
passwords.  Administator passwords were not checked so that any remote 
user could perform administrative functions on the application, including 
deleting or editing messages.


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2012, SecurityGlobal.net LLC