Vendor: AnswerBook2
Reported by: SecurityFocus
CVSS: 7.5 (HIGH)
Vulnerability Type: Authentication Bypass
CWE: 287
Product Name: AnswerBook2
Affected Version From: 1.4.2002
Affected Version To: 1.4.2002
Patch Exists: Yes
Related CWE: N/A
CPE: //a:sun_microsystems:answerbook2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Solaris
2002

AnswerBook2 Authentication Bypass Vulnerability

A lack of authentication checks for certain scripts within the administration interface of AnswerBook2 versions 1.4.2 and prior, for Solaris, allows remote users to create administration accounts. By directly requesting the /cgi-bin/admin/admin script served by the AnswerBook2 dwhttpd web server, it is possible to add users to the administration interface without ever logging in. This allows the attacker to read log files and manage content.

Mitigation:

Upgrade to the latest version of AnswerBook2
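Because the flaw is an unauthenticated request to a known CGI path, it is easy to hunt for in the web server's access log. The following is an added example, not code from the advisory or from Sun: it parses dwhttpd access log lines (assumed here to be Common Log Format; adjust the regex if your log layout differs) and flags every request to the admin CGI, rating a successful `command=add_user` as high severity. The log lines and the `view_log` command name are constructed for illustration.

```python
"""Flag admin-CGI activity in AnswerBook2 (dwhttpd) access logs."""
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample log lines (CLF assumed), not taken from a real server.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Aug/2000:10:01:02 -0500] "GET /ab2/ HTTP/1.0" 200 5120
10.0.0.9 - - [12/Aug/2000:10:02:11 -0500] "GET /cgi-bin/admin/admin?command=add_user&uid=percebe&password=percebe&re_password=percebe HTTP/1.0" 200 311
10.0.0.9 - - [12/Aug/2000:10:02:40 -0500] "GET /cgi-bin/admin/admin?command=view_log HTTP/1.0" 200 8802
10.0.0.7 - - [12/Aug/2000:10:03:00 -0500] "GET /cgi-bin/ab2/Doc.cgi?cmd=search HTTP/1.0" 200 2200
"""

CLF_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
ADMIN_CGI_PREFIX = "/cgi-bin/admin/"   # the unauthenticated admin scripts
ACCOUNT_COMMANDS = {"add_user"}        # command named in the advisory

def parse_line(line):
    """Split one CLF line into ip, timestamp, path, query dict, status."""
    m = CLF_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    query = {k: v[0] for k, v in parse_qs(parts.query).items()}
    return {"ip": m.group("ip"), "ts": m.group("ts"), "path": parts.path,
            "query": query, "status": int(m.group("status"))}

def find_admin_cgi_hits(log_text):
    """One finding per admin-CGI request; 'high' when an account-changing
    command got a 2xx response, 'medium' for any other admin-CGI access."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or not rec["path"].startswith(ADMIN_CGI_PREFIX):
            continue
        cmd = rec["query"].get("command", "")
        high = cmd in ACCOUNT_COMMANDS and 200 <= rec["status"] < 300
        findings.append({"ip": rec["ip"], "ts": rec["ts"], "command": cmd,
                         "uid": rec["query"].get("uid"),
                         "severity": "high" if high else "medium"})
    return findings

if __name__ == "__main__":
    for f in find_admin_cgi_hits(SAMPLE_LOG):
        print(f"{f['severity']:6} {f['ip']} [{f['ts']}] "
              f"command={f['command']} uid={f['uid']}")
```

Any hit from an address that is not an administrator's workstation warrants checking the AnswerBook2 admin user list for accounts you did not create.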

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1554/info

http://www.example.com:8888/cgi-bin/admin/admin?command=add_user&uid=percebe&password=percebe&re_password=percebe