JBrowser Unauthorized Admin Access Vulnerability
BID:9537
Info
JBrowser Unauthorized Admin Access Vulnerability
| Bugtraq ID: | 9537 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 30 2004 12:00AM |
| Updated: | Jan 30 2004 12:00AM |
| Credit: | Discovery of this issue has been credited to Himeur Nourredine <[email protected]>. |
| Vulnerable: |
JBrowser JBrowser 2.4 JBrowser JBrowser 2.3 JBrowser JBrowser 2.1 JBrowser JBrowser 2.0 JBrowser JBrowser 1.0 |
| Not Vulnerable: | |
Discussion
JBrowser Unauthorized Admin Access Vulnerability
Due to a lack of access validation to the '_admin' directory, malevolent users may be able to execute arbitrary admin scripts. This may allow a malicious user to upload arbitrary files to the affected system and gain access to files outside of the web server root directory. There may also be other consequences associated with this vulnerability.
Due to a lack of access validation to the '_admin' directory, malevolent users may be able to execute arbitrary admin scripts. This may allow a malicious user to upload arbitrary files to the affected system and gain access to files outside of the web server root directory. There may also be other consequences associated with this vulnerability.
Exploit / POC
JBrowser Unauthorized Admin Access Vulnerability
No exploit is required to leverage this issue. The following proof of concept has been provided:
http://www.example.org/_admin/
http://www.example.org/_admin/list_all.php?folder=../
http://www.example.org/_admin/upload.php
No exploit is required to leverage this issue. The following proof of concept has been provided:
http://www.example.org/_admin/
http://www.example.org/_admin/list_all.php?folder=../
http://www.example.org/_admin/upload.php
Solution / Fix
JBrowser Unauthorized Admin Access Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.