AP Newspower software 'shows.tbl' remote data manipulation vulnerability

Vulnerability ID 1190652 Vulnerability type Unknown
Published 2007-05-09 Updated 2007-05-09
CVE ID CVE-2007-2554 CNNVD ID CNNVD-200705-155
Platform N/A CVSS score 7.8
|Vulnerability sources
https://www.securityfocus.com/bid/86185
https://cxsecurity.com/issue/WLB-2007050033
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200705-155
|Vulnerability details
Associated Press (AP) Newspower installs a MySQL instance whose root account has a default blank password and accepts remote connections, which allows remote attackers to insert or modify news articles via the shows.tbl script.
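The exposure described above is a MySQL server that lets a remote client log in as root with no password at all. The script below is an added example for this entry (it is not code from the Bugtraq post or from AP Newspower) showing how an operator can test their own Newspower host for exactly that condition without a MySQL client library: it speaks just enough of the MySQL client/server protocol (the protocol v10 greeting, a HandshakeResponse41 login and the mysql_native_password plugin) to send a login with an empty password and classify the server's answer. The point it relies on is that for a blank password the mysql_native_password response is zero bytes, so the probe never needs the server's salt. The capability constants are real MySQL protocol values; the address 203.0.113.10 and the sample greeting used for offline testing are constructed.

```python
"""Probe a MySQL server for a root account that accepts an empty password.
Added example for this advisory, not part of the original post or of AP
Newspower.  Host addresses and the sample packets below are constructed."""
import socket
import struct

# MySQL client capability flags (protocol constants).
CLIENT_LONG_PASSWORD = 0x00000001
CLIENT_LONG_FLAG = 0x00000004
CLIENT_PROTOCOL_41 = 0x00000200
CLIENT_SECURE_CONNECTION = 0x00008000
CLIENT_PLUGIN_AUTH = 0x00080000
WANTED_CAPS = (CLIENT_LONG_PASSWORD | CLIENT_LONG_FLAG | CLIENT_PROTOCOL_41
               | CLIENT_SECURE_CONNECTION | CLIENT_PLUGIN_AUTH)


def frame(payload: bytes, seq: int) -> bytes:
    """Prepend the 4-byte packet header: 3-byte little-endian length, 1-byte sequence id."""
    return struct.pack("<I", len(payload))[:3] + bytes([seq]) + payload


def recv_exact(sock: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("server closed the connection")
        buf += chunk
    return buf


def read_packet(sock: socket.socket) -> bytes:
    """Read one MySQL packet and return its payload (header stripped)."""
    hdr = recv_exact(sock, 4)
    return recv_exact(sock, hdr[0] | hdr[1] << 8 | hdr[2] << 16)


def server_capabilities(greeting: bytes) -> int:
    """Extract the server capability flags from an Initial Handshake (protocol v10) payload."""
    if greeting[0] != 0x0A:
        raise ValueError("not a protocol v10 greeting")
    pos = greeting.index(b"\x00", 1) + 1      # skip the NUL-terminated server version
    pos += 4 + 8 + 1                           # thread id, auth-plugin-data part 1, filler
    lower = struct.unpack_from("<H", greeting, pos)[0]
    if len(greeting) < pos + 7:                # very old servers stop after the low word
        return lower
    upper = struct.unpack_from("<H", greeting, pos + 5)[0]   # after charset (1) + status (2)
    return lower | upper << 16


def build_login(username: str, server_caps: int, seq: int = 1) -> bytes:
    """HandshakeResponse41 carrying an EMPTY password.
    For mysql_native_password a blank password yields a zero-byte auth response,
    so the field is a single 0x00 whether the server wants it length-prefixed
    (CLIENT_SECURE_CONNECTION) or NUL-terminated."""
    caps = WANTED_CAPS & server_caps
    if not caps & CLIENT_PROTOCOL_41:
        raise ValueError("server predates protocol 4.1; HandshakeResponse41 is not usable")
    payload = (struct.pack("<IIB", caps, 1 << 24, 33)   # capabilities, max packet size, utf8
               + b"\x00" * 23                          # reserved
               + username.encode() + b"\x00"           # NUL-terminated user name
               + b"\x00")                              # empty auth response
    if caps & CLIENT_PLUGIN_AUTH:
        payload += b"mysql_native_password\x00"
    return frame(payload, seq)


def classify_reply(payload: bytes) -> tuple:
    """Return (status, code, text): 'ok' = logged in with no password; 'err' with the
    MySQL error number (1045 access denied, 1130 host not allowed); 'auth-switch' =
    server asked for another plugin, result inconclusive; 'unknown' otherwise."""
    if not payload:
        return ("err", 0, "empty reply")
    tag = payload[0]
    if tag == 0x00:
        return ("ok", 0, "")
    if tag == 0xFF:
        code = struct.unpack_from("<H", payload, 1)[0]
        msg = payload[3:]
        if msg[:1] == b"#":                    # protocol 4.1: '#' + 5-character SQLSTATE
            msg = msg[6:]
        return ("err", code, msg.decode("utf-8", "replace"))
    if tag == 0xFE:
        plugin = payload[1:].split(b"\x00", 1)[0].decode("ascii", "replace")
        return ("auth-switch", 0, plugin)
    return ("unknown", tag, "")


def probe_blank_root(host: str, port: int = 3306, user: str = "root", timeout: float = 5.0) -> tuple:
    """Connect, read the greeting, send the empty-password login, classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        greeting = read_packet(sock)           # sequence 0, sent by the server
        if greeting[:1] == b"\xff":            # rejected before auth, e.g. host not allowed
            return classify_reply(greeting)
        sock.sendall(build_login(user, server_capabilities(greeting), seq=1))
        return classify_reply(read_packet(sock))


def sample_greeting(server_caps: int, version: bytes = b"5.0.45") -> bytes:
    """Constructed protocol v10 greeting payload, for offline tests only."""
    return (b"\x0a" + version + b"\x00" + struct.pack("<I", 7) + b"12345678" + b"\x00"
            + struct.pack("<HBH", server_caps & 0xFFFF, 8, 2)   # caps low, charset, status
            + struct.pack("<H", server_caps >> 16)              # caps high
            + b"\x15" + b"\x00" * 10 + b"123456789012" + b"\x00")
```

Run it against a host you are authorised to test, e.g. `probe_blank_root("203.0.113.10")`. A result of `("ok", 0, "")` reproduces the condition this entry describes: anyone who can reach port 3306 is the database superuser. `("err", 1130, ...)` means the server refuses remote connections for that account, and `("err", 1045, ...)` means a password is set; `"auth-switch"` comes from newer servers that default to a different authentication plugin and should be treated as inconclusive rather than safe. The fix on the server side is the usual one: give root a real password, restrict it to localhost, and let the application connect with its own account that holds only the privileges it needs on its own database.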
|Vulnerability EXP
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

AP Newspower is commercial software available from the AP that
allows media outlets to obtain text news feeds from the Associated
Press.  It's like RSS, but you pay for it. And it's slower. And
fatter.

The default install of this software includes a MySQL instance
which stores the feeds as well as copy created by the local media
outlet.  This MySQL database is configured to allow remote access
as root with a blank password.  A person so inclined upon finding
such a box could, say, insert an article of their own into
shows.tbl script and make their own news.  Or remotely censor the
news, or, ...  Oh noes!

The AP has been alerted of this issue, and has said they are not
interested in fixing it.

- -----

I wonder if they bought a MySQL license, or if they are using it
under the GPL license.  Their web page
(http://www.apbroadcast.com/AP+Broadcast/Radio/Prep+Services/AP+NewsPower.htm)
certainly makes no mention of where to obtain the source.
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5

wpwEAQECAAYFAkZAk5YACgkQXsHJpAi2fRe4yQQAi6fDHuQRX0K8IW3Q4Th02D+EBxRM
JFGigWB7d6YsOkrwb2zCqpRwDKImoh/Y8OMZGVIoH4uwCAAYJzrRTPZh2I4xnrRFjtip
2kudDllCrlKor4XYuk9WOtJEOcHojZaczwOuNkLL2RsFE7uyTL8kAD3PiTsbxaPCVdZL
k3DZEb4=
=dVFH
-----END PGP SIGNATURE-----

|Affected products
Associated Press Newspower 4.0.1
|References

Source: BUGTRAQ
Name: 20070508 AP Newspower software <= 4.0.1 allows remote data manipulation
Link: http://www.securityfocus.com/archive/1/archive/1/467962/100/0/threaded
Source: OSVDB
Name: 36251
Link: http://osvdb.org/36251
Source: SREASON
Name: 2679
Link: http://securityreason.com/securityalert/2679