Boa Administrator Password Overwrite Authentication Bypass Vulnerability

Bugtraq ID:	25676
Class:	Design Error
CVE:	CVE-2007-4915
Remote:	Yes
Local:	No
Published:	Sep 14 2007 12:00AM
Updated:	May 07 2015 05:35PM
Credit:	Luca Carettoni and Claudio Merloni are credited with the discovery of this vulnerability.
Vulnerable:	Boa Webserver 0.93.15 + AIPTEK NETCam Viewer 1.0 .0.28
Not Vulnerable:

Boa Administrator Password Overwrite Authentication Bypass Vulnerability

Boa is prone to an authentication-bypass vulnerability because the application fails to ensure that passwords are not overwritten by specially crafted HTTP Requests.

An attacker can exploit this issue to gain unauthorized access to the affected application. This may lead to other attacks.

This issue affects Boa 0.93.15; other versions may also be affected.

NOTE: This issue affects only Boa with Intersil Extensions installed.

Boa Administrator Password Overwrite Authentication Bypass Vulnerability

Attackers can exploit this issue via a browser.

The following exploit code is available:

• /data/vulnerabilities/exploits/25676.py

Boa Administrator Password Overwrite Authentication Bypass Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Boa Administrator Password Overwrite Authentication Bypass Vulnerability

References:

• Boa Webserver Homepage (Boa)
  
• Boa (with Intersil Extensions) - HTTP Basic Authentication Bypass ([email protected])