Hosting Controller Hotfix: Multiple Permission and Access Control Vulnerabilities

Vulnerability ID: 1193010
Vulnerability type: Unknown
Published: 2006-10-31
Updated: 2006-10-31
CVE: CVE-2006-5630
CNNVD ID: CNNVD-200610-539
Platform: N/A
CVSS score: 7.5
|Vulnerability sources
https://www.securityfocus.com/bid/87414
https://cxsecurity.com/issue/WLB-2006110007
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200610-539
|Vulnerability details
In Hosting Controller 6.1 before Hotfix 3.3, a remote attacker can: (1) delete the virtual directory of an arbitrary site via a modified ForumID parameter in the disableforum action of DisableForum.asp; and (2) create arbitrary forum virtual directories via an empty ForumID parameter in the enableforum action of EnableForum.asp.
|Exploit
Hosting Controller 'EnableForum.asp' and 'DisableForum.asp' Scripts Let Remote Users Create or Delete Forums and Virtual Directories

advisory:
http://www.kapda.ir/advisory-442.html
http://securitytracker.com/alerts/2006/Oct/1017103.html
|Affected products
Hosting Controller 6.1 Hotfix 3.2
Hosting Controller 6.1 Hotfix 3.1
Hosting Controller 6.1 Hotfix 2.4
|References

Source: BUGTRAQ
Name: 20061025 Hosting Controller 6.1 Hotfix <= 3.2 Vulnerability
Link: http://www.securityfocus.com/archive/1/archive/1/449937/100/0/threaded
Source: MISC
Link: http://www.kapda.ir/advisory-442.html
Source: SECTRACK
Name: 1017103
Link: http://securitytracker.com/id?1017103
Source: VUPEN
Name: ADV-2006-4296
Link: http://www.frsirt.com/english/advisories/2006/4296
Source: SREASON
Name: 1804
Link: http://securityreason.com/securityalert/1804
Source: SECUNIA
Name: 22607
Link: http://secunia.com/advisories/22607