YusASP Web Asset Manager Unauthorized Access Vulnerability
BID:13501
Info
YusASP Web Asset Manager Unauthorized Access Vulnerability
| Bugtraq ID: | 13501 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 04 2005 12:00AM |
| Updated: | May 04 2005 12:00AM |
| Credit: | eric basher is credited with the discovery of this vulnerability. |
| Vulnerable: |
YusASP.com YusASP Web Asset Manager 1.0 |
| Not Vulnerable: | |
Discussion
YusASP Web Asset Manager Unauthorized Access Vulnerability
YusASP Web Asset Manager is prone to an unauthorized access vulnerability. The application does not perform any authentication regarding access to the application scripts.
This could permit an attacker to manage the content in the remote site; this could lead to the eventual compromise of the site as well.
YusASP Web Asset Manager is prone to an unauthorized access vulnerability. The application does not perform any authentication regarding access to the application scripts.
This could permit an attacker to manage the content in the remote site; this could lead to the eventual compromise of the site as well.
Exploit / POC
YusASP Web Asset Manager Unauthorized Access Vulnerability
No exploit is required.
No exploit is required.
Solution / Fix
YusASP Web Asset Manager Unauthorized Access Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
YusASP Web Asset Manager Unauthorized Access Vulnerability
References:
References:
- YusASP Web Asset Manager Homepage (YusASP.com)