Movable Type Multiple Input Validation Vulnerabilities And User Enumeration Weakness
BID:24304
Info
Movable Type Multiple Input Validation Vulnerabilities And User Enumeration Weakness
| Bugtraq ID: | 24304 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 04 2007 12:00AM |
| Updated: | Jun 05 2007 08:00PM |
| Credit: | Tim Brown of Portcullis Computer Security Ltd. is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
Movable Type Movable Type Enterprise 1.03 Movable Type Movable Type Enterprise 1.02 Movable Type Movable Type Enterprise 1.01 Movable Type Movable Type 3.17 Movable Type Movable Type 3.16 Movable Type Movable Type 3.2 Movable Type Movable Type 2.63 Movable Type Movable Type 2.0 Movable Type Movable Type 3.34.b1 Movable Type Movable Type 3.34 Movable Type Movable Type 3.33 Movable Type Movable Type 3.32 Movable Type Movable Type 3.31 Movable Type Movable Type 3.3 |
| Not Vulnerable: | |
Discussion
Movable Type Multiple Input Validation Vulnerabilities And User Enumeration Weakness
Movable Type is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. It is also prone to a username-enumeration weakness.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, cause arbitrary script code to run within the context of the webserver process that is hosting the affected software, and compromise the availability and integrity of a computer to ultimately gain remote unauthorized access by overwriting sensitive files (such as the password file).
Movable Type 3.16 is affected; other versions may also be vulnerable.
Movable Type is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. It is also prone to a username-enumeration weakness.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, cause arbitrary script code to run within the context of the webserver process that is hosting the affected software, and compromise the availability and integrity of a computer to ultimately gain remote unauthorized access by overwriting sensitive files (such as the password file).
Movable Type 3.16 is affected; other versions may also be vulnerable.
Exploit / POC
Movable Type Multiple Input Validation Vulnerabilities And User Enumeration Weakness
An attacker can use a browser to exploit any of these issues.
An attacker can use a browser to exploit any of these issues.
Solution / Fix
Movable Type Multiple Input Validation Vulnerabilities And User Enumeration Weakness
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Movable Type Multiple Input Validation Vulnerabilities And User Enumeration Weakness
References:
References:
- Movable Type Homepage (Movable Type)