Allmanage Administrator Password Retrieval Vulnerability
BID:1217
Info
| Bugtraq ID: | 1217 |
| Class: | Configuration Error |
| CVE: | CVE-2000-0435 CVE-2000-0434 |
| Remote: | Yes |
| Local: | No |
| Published: | May 13 2000 12:00AM |
| Updated: | Jul 11 2009 01:56AM |
| Credit: | Posted to bugtraq on May 13, 2000 by bighawk <[email protected]> |
| Vulnerable: | Matthew Redman Allmanage 2.6 |
| Not Vulnerable: | |
Discussion
Allmanage is a free suite of Perl scripts that allows numerous web sites to be maintained on a server under separate accounts. It stores the administrator's password in a file called "k", which resides in the same directory on the server as the scripts (allmanage.pl, allmanage_admin.pl, and a number of others). If a remote intruder has permission to read the file "k", he can then load allmanage_admin.pl and enter the management console with administrator privileges. The features of this console include user account management, file manipulation, and quotas, among others.
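An administrator can check a server for the layout described above. The following audit is an added example, not code from the advisory or from Allmanage: it walks a directory tree, finds each directory that holds a file named "k" beside the Allmanage scripts, and reports the file's permission bits. The function names, the sample tree and the choice to treat "readable by other" as the exposed case are assumptions made for this example.

```python
import os
import stat
import tempfile

SCRIPT_NAMES = {"allmanage.pl", "allmanage_admin.pl"}  # script names from the advisory
PASSWORD_FILE = "k"  # password file name from the advisory


def audit_allmanage(root):
    """Walk root and report every "k" file stored beside Allmanage scripts."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if PASSWORD_FILE not in filenames or not SCRIPT_NAMES & set(filenames):
            continue
        path = os.path.join(dirpath, PASSWORD_FILE)
        st = os.lstat(path)  # lstat: do not follow a symlink named "k"
        if not stat.S_ISREG(st.st_mode):
            continue
        mode = stat.S_IMODE(st.st_mode)
        findings.append({
            "path": path,
            "mode": oct(mode),
            "group_readable": bool(mode & stat.S_IRGRP),
            "world_readable": bool(mode & stat.S_IROTH),
        })
    return findings


def build_sample_tree(base):
    """Constructed sample: one exposed install, one tightened, one unrelated."""
    for name, mode in {"site_a": 0o644, "site_b": 0o600}.items():
        d = os.path.join(base, name, "cgi-bin")
        os.makedirs(d)
        for fname in SCRIPT_NAMES | {PASSWORD_FILE}:
            open(os.path.join(d, fname), "w").close()
        os.chmod(os.path.join(d, PASSWORD_FILE), mode)
    # A file named "k" with no Allmanage scripts beside it is ignored.
    other = os.path.join(base, "unrelated")
    os.makedirs(other)
    open(os.path.join(other, PASSWORD_FILE), "w").close()
    return base


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for f in audit_allmanage(build_sample_tree(tmp)):
            status = "EXPOSED" if f["world_readable"] else "ok"
            print(f"{status:8} {f['mode']:>6} {f['path']}")
```

Calling audit_allmanage() with a server's web root in place of the constructed sample tree runs the same check against real installs.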