TowerBlog User Credential Exposure Weakness
BID:13090
Info
| Bugtraq ID: | 13090 |
| Class: | Access Validation Error |
| CVE: | CVE-2005-1055 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 11 2005 12:00AM |
| Updated: | Jul 12 2009 12:56PM |
| Credit: | Discovery is credited to CorryL. |
| Vulnerable: | TowerBlog TowerBlog 0.6 -r1; TowerBlog TowerBlog 0.6; TowerBlog TowerBlog 0.4 -r1; TowerBlog TowerBlog 0.2 |
| Not Vulnerable: | |
Discussion
TowerBlog is reported prone to a weakness that may allow remote attackers to disclose user credentials.
It is reported that user password hashes are stored in a file that resides in the Web root, allowing any remote attacker to retrieve the file and disclose this sensitive information.
An attacker may then carry out brute force attacks against the password hashes to ultimately disclose user credentials. This may lead to other attacks against the system and potentially allow the attacker to compromise an affected computer.
TowerBlog 0.6 is reported to be affected. Other versions may be affected as well.
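The weakness described above is a deployment-layout problem: a credential store placed under the document root is served like any other static file. The following audit script is an added example, not part of the original advisory and not TowerBlog's own code; the file names and directory layout it builds are constructed for the demonstration and are assumptions, not TowerBlog's real paths. It checks whether a given data file resolves to a location inside the web root (symlinks resolved) and walks the web root for files whose contents look like stored password hashes, which is the check a defender would run before and after moving such a file out of the served tree.

```python
import hashlib
import os
import re
import tempfile

# Crude detector for 32-hex-digit (MD5-style) tokens; widen it for other hash formats.
HASH_RE = re.compile(r"\b[0-9a-f]{32}\b")


def is_under(path, root):
    """True if `path` resolves to a location inside `root` (symlinks resolved)."""
    p = os.path.realpath(path)
    r = os.path.realpath(root)
    return os.path.commonpath([p, r]) == r


def find_exposed_credential_files(webroot):
    """Walk the web root and list files whose contents contain hash-like tokens.

    Returns paths relative to the web root, i.e. the URL path a web server
    would typically serve them under.
    """
    hits = []
    for dirpath, _, files in os.walk(webroot):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                with open(full, "r", errors="ignore") as fh:
                    text = fh.read(65536)  # first 64 KiB is enough for a credential file
            except OSError:
                continue
            if HASH_RE.search(text):
                hits.append(os.path.relpath(full, webroot))
    return sorted(hits)


def build_demo_tree():
    """Create a constructed layout (assumption): one hash file inside the
    web root, one in a private directory beside it."""
    base = tempfile.mkdtemp(prefix="credfile_audit_demo_")
    webroot = os.path.join(base, "htdocs")
    private = os.path.join(base, "private")
    os.makedirs(os.path.join(webroot, "data"))
    os.makedirs(private)
    # Constructed sample record: username:md5hex of a made-up string, not a real credential.
    sample = "alice:" + hashlib.md5(b"constructed-sample-value").hexdigest() + "\n"
    with open(os.path.join(webroot, "data", "users.dat"), "w") as fh:
        fh.write(sample)
    with open(os.path.join(webroot, "index.php"), "w") as fh:
        fh.write("<?php echo 'hello'; ?>\n")
    with open(os.path.join(private, "users.dat"), "w") as fh:
        fh.write(sample)
    return base, webroot, private


def demo():
    """Run the audit over the constructed tree and return
    (exposed files, in-root flag for the served copy, in-root flag for the private copy)."""
    _, webroot, private = build_demo_tree()
    exposed = find_exposed_credential_files(webroot)
    served_copy = is_under(os.path.join(webroot, "data", "users.dat"), webroot)
    private_copy = is_under(os.path.join(private, "users.dat"), webroot)
    return exposed, served_copy, private_copy


if __name__ == "__main__":
    exposed, served_copy, private_copy = demo()
    print("hash-like files under web root:", exposed)
    print("served copy inside web root:", served_copy)
    print("private copy inside web root:", private_copy)
```

Run against a real deployment, `find_exposed_credential_files` should return an empty list; any hit is a file to move outside the document root (or, where the application cannot be reconfigured, to block with a web server deny rule), after which the script is re-run to confirm the change took effect.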
Exploit / POC
An exploit is not required.
Solution / Fix
Solution:
This issue may have been addressed in TowerBlog 0.6-r2. This cannot be confirmed at the moment. Please contact the vendor for more information.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].