[18035] in bugtraq
Security Advisory: Subscribe Me Lite 1.0 - 2.0 Unix or 1.0 - 2.0
daemon@ATHENA.MIT.EDU (Tom Pickles)
Tue Dec 12 18:15:12 2000
Message-Id:  <OE14IVxdWMYczdSnWC800002f2b@hotmail.com>
Date:         Tue, 12 Dec 2000 10:25:02 -0000
Reply-To: Tom Pickles <tom_pickles@HOTMAIL.COM>
From: Tom Pickles <tom_pickles@HOTMAIL.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Note: This is not apparent in the commercial versions (tested on three
different versions).
The author was notified and appropriate changes have since been made.
product page -
http://www.cgiscriptcenter.com/subscribe/index2.html
vendor notice -
Security Advisory:
Users of Subscribe Me Lite 1.0 - 2.0 Unix or 1.0 - 2.0 NT, update today to
protect your Subscribe Me Lite from outside access to your administration
panel.
[Full disclosure]
Yes, that's right: a malicious user can cause somewhat considerable damage
to a Subscribe Me Lite mailing list. If you are using versions 1.0 - 2.0 Unix
or 1.0 - 2.0 NT, a simple pre-formatted web browser call can allow an attacker
to delete ANY user from the list, in the form of
http://url.to.victim.com/subscribe.pl?some@email.com
The user will be deleted from the list without any kind of verification
whatsoever.
The vendor has updated with this information; please update yours.
Thanks
Tom  (Digital Vampire)
IC-CRYPT.com // Enhancing communications since 1998
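Added example, not part of Tom Pickles' post or of the Subscribe Me product: a small Python model of the two designs the advisory contrasts. `unsubscribe_unverified` reproduces the behaviour described above (the address arrives in the query string and is removed with no check at all), and `unsubscribe_verified` shows the usual fix for a list-management endpoint: the server mails a link carrying a time-limited HMAC token to the address itself, and only a POST presenting a valid token for that same address removes it, so a third party who merely knows an address cannot unsubscribe it. The function names, `SECRET_KEY`, the token format and the in-memory subscriber set are all constructed for this example.

```python
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode

# Constructed stand-in for the script's subscriber data file.
SUBSCRIBERS = {"alice@example.com", "bob@example.com"}

# Hypothetical server-side secret; a real deployment loads it from config, not code.
SECRET_KEY = secrets.token_bytes(32)
TOKEN_TTL = 24 * 3600  # unsubscribe links stay valid for one day


def unsubscribe_unverified(query_string, subscribers):
    """Vulnerable pattern from the advisory: the whole query string is treated
    as the address and removed immediately, no verification of any kind."""
    address = query_string.strip()
    if address in subscribers:
        subscribers.discard(address)
        return True
    return False


def make_unsubscribe_token(address, secret, now=None):
    """Bind an issue time to the address under an HMAC so the token cannot be
    forged for another address or reused after it expires."""
    issued = int(time.time() if now is None else now)
    msg = f"{address}|{issued}".encode()
    mac = hmac.new(secret, msg, hashlib.sha256).hexdigest()
    return f"{issued}.{mac}"


def verify_unsubscribe_token(address, token, secret, now=None, ttl=TOKEN_TTL):
    """Constant-time check that the token was issued by us, for this address,
    within the TTL (with a small allowance for clock skew)."""
    try:
        issued_str, mac = token.split(".", 1)
        issued = int(issued_str)
    except ValueError:
        return False
    current = int(time.time() if now is None else now)
    if current - issued > ttl or issued > current + 60:
        return False
    expected = hmac.new(secret, f"{address}|{issued}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, mac)


def build_unsubscribe_link(base_url, address, secret, now=None):
    """Step one: the link is generated on request and mailed to the address
    itself, so only the mailbox owner ever sees a valid token."""
    token = make_unsubscribe_token(address, secret, now)
    return f"{base_url}?{urlencode({'email': address, 'token': token})}"


def unsubscribe_verified(method, query_string, subscribers, secret, now=None):
    """Step two: the handler the mailed link points at. Requires POST (so a
    plain GET from a browser address bar or an <img> tag does nothing) and a
    token that verifies for the address being removed."""
    if method != "POST":
        return "method not allowed"
    params = parse_qs(query_string)
    address = params.get("email", [""])[0]
    token = params.get("token", [""])[0]
    if not address or not token:
        return "missing parameters"
    if not verify_unsubscribe_token(address, token, secret, now):
        return "invalid or expired token"
    # A valid token proves the mailbox owner asked for this, so it is safe to
    # say plainly whether the address was on the list.
    if address not in subscribers:
        return "not subscribed"
    subscribers.discard(address)
    return "unsubscribed"


if __name__ == "__main__":
    # The unverified script drops anyone whose address appears in the URL.
    victims = set(SUBSCRIBERS)
    print("unverified:", unsubscribe_unverified("alice@example.com", victims), sorted(victims))

    # The hardened flow: mail a link, then honour only the POST that follows it.
    remaining = set(SUBSCRIBERS)
    link = build_unsubscribe_link("https://list.example/subscribe.pl", "alice@example.com", SECRET_KEY)
    print("mailed link:", link)
    query = link.split("?", 1)[1]
    print("GET with token :", unsubscribe_verified("GET", query, remaining, SECRET_KEY))
    print("POST w/o token :", unsubscribe_verified("POST", "email=alice@example.com", remaining, SECRET_KEY))
    print("POST w/ token  :", unsubscribe_verified("POST", query, remaining, SECRET_KEY), sorted(remaining))
```

The point of the token is that knowing an address is no longer enough: the value that authorises removal travels only to the mailbox being removed, and it expires, so a link that leaks later is useless.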