Secunia Security Advisory - A vulnerability has been reported in various Ascad Networks products, which can be exploited by malicious people to bypass certain security restrictions.
688495f47ea905c468c5ad8a8f97912e04ee234ad2a7a23dad75ba6551fcf045----------------------------------------------------------------------
Are you missing:
SECUNIA ADVISORY ID:
Critical:
Impact:
Where:
within the advisory below?
This is now part of the Secunia commercial solutions.
Click here to learn more about our commercial solutions:
http://secunia.com/advisories/business_solutions/
Click here to trial our solutions:
http://secunia.com/advisories/try_vi/
----------------------------------------------------------------------
TITLE:
Ascad Networks Products Insecure Cookie Handling Vulnerability
SECUNIA ADVISORY ID:
SA35077
VERIFY ADVISORY:
http://secunia.com/advisories/35077/
DESCRIPTION:
A vulnerability has been reported in various Ascad Networks products,
which can be exploited by malicious people to bypass certain security
restrictions.
The vulnerability is caused due to improper access restrictions when
accessing the administration interface. This can be exploited to
bypass the authentication mechanism and gain access to the
administration control panel by setting certain cookies.
The vulnerability is reported in the following products and
versions:
* c7 Portal 1.1.0
* Password Protector SD v2 (ppSD2)
* Form Processor Gold
* Guestbook Creator 1.5
* Mini Forum 1.0.1
SOLUTION:
Restrict access to the administration control panel (e.g. via
".htaccess").
PROVIDED AND/OR DISCOVERED BY:
G4N0K
ORIGINAL ADVISORY:
http://milw0rm.com/exploits/8675
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed