FileProtection Express cookie 认证绕过漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1195128 漏洞类型 访问验证错误
发布时间 2006-05-04 更新时间 2006-05-10
CVE编号 CVE-2006-2168 CNNVD-ID CNNVD-200605-062
漏洞平台 N/A CVSS评分 7.5
|漏洞来源
https://cxsecurity.com/issue/WLB-2006050032
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200605-062
|漏洞详情
FileProtectionExpress可以使远程攻击者借助一个Admin值为1的cookie,绕过认证。
|漏洞EXP
FileProtection Express <= 1.0.1 authentification bypass

Discovered by: Nomenumbra

Date: 5/2/2006

impact:high (privilege escalation,full file access)

Ok, this is absurd, the only form of authentification to the Admin panel is controlled by
a cookie value. Use firefox CookieEditor extension for example and make a cookie of the target
domain containing a value called Admin and set it to 1 (I really wonder if the word security is
actually in the dictionary you know...)

Nomenumbra/[0x4F4C]
|参考资料

来源:BID
名称:17786
链接:http://www.securityfocus.com/bid/17786
来源:BUGTRAQ
名称:20060502FileProtectionExpress<=1.0.1authentificationbypass
链接:http://www.securityfocus.com/archive/1/archive/1/432728/100/0/threaded
来源:XF
名称:fileprotectionexpress-bypass-auth(26225)
链接:http://xforce.iss.net/xforce/xfdb/26225
来源:SREASON
名称:835
链接:http://securityreason.com/securityalert/835