AlstraSoft Web Host Directory Administrator Password Change Vulnerability
BID:21787
Info
AlstraSoft Web Host Directory Administrator Password Change Vulnerability
| Bugtraq ID: | 21787 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 27 2006 12:00AM |
| Updated: | Jan 04 2007 06:26PM |
| Credit: | [email protected] is credited with the discovery of this vulnerability. |
| Vulnerable: |
AlstraSoft Web Host Directory 1.2 |
| Not Vulnerable: | |
Discussion
AlstraSoft Web Host Directory Administrator Password Change Vulnerability
Web Host Directory is prone to a vulnerability that may permit attackers to change the administrative
password.
Exploiting this issue may allow an attacker to bypass the authentication mechanism and to gain unauthorized access to the affected application. This may lead to other attacks.
Web Host Directory is prone to a vulnerability that may permit attackers to change the administrative
password.
Exploiting this issue may allow an attacker to bypass the authentication mechanism and to gain unauthorized access to the affected application. This may lead to other attacks.
Exploit / POC
AlstraSoft Web Host Directory Administrator Password Change Vulnerability
An attacker can exploit this issue via a web client.
An attacker can exploit this issue via a web client.
Solution / Fix
AlstraSoft Web Host Directory Administrator Password Change Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
AlstraSoft Web Host Directory Administrator Password Change Vulnerability
References:
References: