header-logo
Suggest Exploit
vendor:
Kiosks
by:
SecurityFocus
8.8
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: Kiosks
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Surfnet Kiosks Authentication Bypass Vulnerability

Surfnet kiosks are vulnerable to an authentication bypass vulnerability that allows users to double their time in kiosk accounts. This occurs when a user attempts to authenticate to the kiosk, causing their time to be doubled for each attempt.

Mitigation:

Users should be aware of the vulnerability and take steps to ensure that their accounts are not being abused.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9347/info

Surfnet kiosks are prone to a vulnerability that may permit kiosk users to deposit extra time into kiosk accounts. This reportedly occurs when a user attempts to authenticate to the kiosk, causing their time to be doubled for each attempt. 

C:\Surfnet\WWWRoot\CMD_Existing_Account_Attempt:Login=Username:Password=Password

Navigation

Suggest Exploit

Services By CQR