[36404] in bugtraq
Site News Authentication Error May Let Local Users Add Messages
daemon@ATHENA.MIT.EDU ("Jérôme" ATHIAS)
Tue Sep 7 19:35:01 2004
Date: 5 Sep 2004 20:32:47 -0000
Message-ID: <20040905203247.30552.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: "Jérôme" ATHIAS <jerome.athias@caramail.com>
To: bugtraq@securityfocus.com
SecurityTracker Alert ID: 1011159
SecurityTracker URL: http://securitytracker.com/id?1011159
Date: Sep 5 2004
Impact: Modification of user information
Exploit Included: Yes
Version(s): 1.1
Description: A vulnerability was reported in Site News. A local user can add or edit news items.
LwB Security Team reported that a local user can invoke the script to add or edit messages without having to authenticate as an administrator.
A demonstration exploit is provided:
sitenews.cgi?update\?oldsubject=OLD_SUBJ&subject=NEW_SUBJ&name=ANY_NAME&issue=ISSUE&message=MESSAGE
Impact: A local user can add or edit messages on Site News.
Solution: No solution was available at the time of this entry.
Vendor URL: www.utilmind.com/scripts/sitenews.html
Cause: Authentication error
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
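
Added example, not part of the original alert or the vendor's code: with no fix available, one way to spot the request shown above is to scan web server access logs for sitenews.cgi requests whose query string starts with "update" and that carry no HTTP-authenticated user. It assumes Apache combined log format and that HTTP authentication has been placed in front of the script; the function name and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Apache/NCSA combined log format (assumed):
# host ident authuser [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

def find_unauthenticated_updates(lines):
    """Return sitenews.cgi 'update' requests logged without an HTTP user.

    Only query strings are visible in access logs; POST bodies are not.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        raw_path, _, raw_query = m["target"].partition("?")
        if not unquote(raw_path).lower().endswith("/sitenews.cgi"):
            continue
        query = unquote(raw_query)  # also catches %5C%3F-style encoding
        # The alert's request puts the action keyword "update" first.
        if not re.match(r"update(\W|$)", query, re.IGNORECASE):
            continue
        # "-" means no HTTP-authenticated user (assumes HTTP auth fronts the script).
        if m["user"] == "-":
            hits.append({"host": m["host"], "time": m["time"],
                         "status": int(m["status"]), "query": query})
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    r'192.0.2.10 - - [05/Sep/2004:20:32:47 +0000] "GET /cgi-bin/sitenews.cgi?update\?oldsubject=OLD&subject=NEW&name=n&issue=1&message=m HTTP/1.0" 200 512',
    r'192.0.2.20 - admin [05/Sep/2004:20:40:02 +0000] "GET /cgi-bin/sitenews.cgi?update\?oldsubject=A&subject=B&name=n&issue=2&message=m HTTP/1.0" 200 498',
    r'192.0.2.30 - - [05/Sep/2004:20:41:10 +0000] "GET /cgi-bin/sitenews.cgi HTTP/1.0" 200 2048',
    r'198.51.100.7 - - [05/Sep/2004:20:45:33 +0000] "GET /cgi-bin/sitenews.cgi?update%5C%3Foldsubject=A&subject=B&name=n&issue=3&message=m HTTP/1.0" 200 505',
    r'192.0.2.40 - - [05/Sep/2004:20:50:00 +0000] "GET /cgi-bin/other.cgi?update HTTP/1.0" 200 100',
]

if __name__ == "__main__":
    for hit in find_unauthenticated_updates(SAMPLE_LOG):
        print(hit)
```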