header-logo
Suggest Exploit
vendor:
MapInfo Discovery
by:
Unknown
7.5
CVSS
HIGH
Information Disclosure, Cross-Site Scripting, Plaintext Password Information Disclosure, Administrative Login Authentication Bypass
200, 79, 200, 287
CWE
Product Name: MapInfo Discovery
Affected Version From: 1
Affected Version To: 1.1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Multiple vulnerabilities in MapInfo Discovery

The first vulnerability allows an attacker to gain access to potentially sensitive error log information. The second vulnerability is a cross-site scripting vulnerability that allows execution of hostile HTML and script code. The third vulnerability allows an attacker to capture user and SQL database credentials by sniffing network traffic. The fourth vulnerability allows a regular user account to gain administrative access.

Mitigation:

Apply the latest patches and updates for MapInfo Discovery. Implement strong network security measures to prevent sniffing of network traffic. Regularly monitor and review error logs. Restrict administrative access to authorized users only.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10927/info

Multiple remote vulnerabilities are reported in MapInfo Discovery.

The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to potentially sensitive error log information that could aid an attacker in further system compromise.

The second issue is reported to be a cross-site scripting vulnerability. The application fails to properly sanitize user-supplied URI argument data. This could allow for execution of hostile HTML and script code in the web client of a user who visits a malicious link to the vulnerable site. This code execution would occur in the security context of the site hosting the vulnerable software. Exploitation could allow for theft of cookie-based authentication credentials. Other attacks are also possible.

The third issue is reported to be a plaintext password information disclosure vulnerability. An attacker with the ability to sniff network traffic could capture user and SQL database credentials.

The fourth issue is reported to be an administrative login authentication bypass vulnerability. An attacker with a regular user account on the application can gain administrative access.

MapInfo Discovery versions 1.0 and 1.1 are reported susceptible to these vulnerabilities.

http://www.example.com/midiscovery/ErrLog/mi3errors.log

Navigation

Suggest Exploit

Services By CQR