[29378] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

WF-Chat

daemon@ATHENA.MIT.EDU (subj)
Wed Mar 19 12:29:01 2003

Date: 19 Mar 2003 01:07:54 -0000
Message-ID: <20030319010754.28797.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: subj <r2subj3ct@dwclan.org>
To: bugtraq@securityfocus.com



Product : WF-Chat
Version : 1.0 Beta
WebSite : http://jid.2yd.ru 
Problem : Viewing users account.


Description:
------------
For own a admin accsess in this chat u'r needing view files:
Inicks.txt
!pwds.txt

In short, all informations about registered users be at this files
And access for reading this files have anyone

Exploits:
---------

http://[somehost]/chat/!nicks.txt
http://[somehost]/chat/!pwds.txt


Link:
-----
www.dwcgr0up.com

Fixs:
-----

U can finf all our fix on our homepage [www.dwcgroup.com]

Thanks:
-------
GipsHack : DHGroup : EXploit.ru : p0is0n : de1irium

Contact:
--------
r2subj3ct@dwclan.org
irc.dwcgr0up.biz @ #dwc


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[29378] in bugtraq

WF-Chat

daemon@ATHENA.MIT.EDU (subj)Wed Mar 19 12:29:01 2003

daemon@ATHENA.MIT.EDU (subj)
Wed Mar 19 12:29:01 2003