OpenJournal Authentication Bypassing Vulnerability
BID:9598
Info
OpenJournal Authentication Bypassing Vulnerability
| Bugtraq ID: | 9598 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 06 2004 12:00AM |
| Updated: | Feb 06 2004 12:00AM |
| Credit: | Discovery of this issue is credited to "Tri Huynh" <[email protected]>. |
| Vulnerable: |
OpenJournal OpenJournal 2.0 5 OpenJournal OpenJournal 2.0 4 OpenJournal OpenJournal 2.0 3 OpenJournal OpenJournal 2.0 2 OpenJournal OpenJournal 2.0 1 OpenJournal OpenJournal 2.0 0 |
| Not Vulnerable: |
OpenJournal OpenJournal 2.0 6 |
Discussion
OpenJournal Authentication Bypassing Vulnerability
It has been reported that OpenJournal is prone to an authentication bypass vulnerability. This issue is caused by the application failing to properly sanitize URI specified parameters. Successful exploitation of this issue may lead to remote attackers gaining unauthorized access to online journal files associated with the application, adding new users to the database as well as a number of other possibilities.
It has been reported that OpenJournal is prone to an authentication bypass vulnerability. This issue is caused by the application failing to properly sanitize URI specified parameters. Successful exploitation of this issue may lead to remote attackers gaining unauthorized access to online journal files associated with the application, adding new users to the database as well as a number of other possibilities.
Exploit / POC
OpenJournal Authentication Bypassing Vulnerability
No exploit is required to leverage this issue. The following URI will allow an attacker to gain access to the software account database:
http://www.test.com/cgi-bin/oj.cgi?db=default&uid=%00&userid=hacker&auth=adduser
No exploit is required to leverage this issue. The following URI will allow an attacker to gain access to the software account database:
http://www.test.com/cgi-bin/oj.cgi?db=default&uid=%00&userid=hacker&auth=adduser
Solution / Fix
OpenJournal Authentication Bypassing Vulnerability
Solution:
The vendor has provided an upgrade to deal with this issue.
OpenJournal OpenJournal 2.0 4
OpenJournal OpenJournal 2.0 1
OpenJournal OpenJournal 2.0 5
OpenJournal OpenJournal 2.0 3
OpenJournal OpenJournal 2.0 0
OpenJournal OpenJournal 2.0 2
Solution:
The vendor has provided an upgrade to deal with this issue.
OpenJournal OpenJournal 2.0 4
-
OpenJournal oj.tar.gz
Version 2.06 of the OpenJournal Software.
http://grohol.com/downloads/oj/latest/oj.tar.gz
OpenJournal OpenJournal 2.0 1
-
OpenJournal oj.tar.gz
Version 2.06 of the OpenJournal Software.
http://grohol.com/downloads/oj/latest/oj.tar.gz
OpenJournal OpenJournal 2.0 5
-
OpenJournal oj.tar.gz
Version 2.06 of the OpenJournal Software.
http://grohol.com/downloads/oj/latest/oj.tar.gz
OpenJournal OpenJournal 2.0 3
-
OpenJournal oj.tar.gz
Version 2.06 of the OpenJournal Software.
http://grohol.com/downloads/oj/latest/oj.tar.gz
OpenJournal OpenJournal 2.0 0
-
OpenJournal oj.tar.gz
Version 2.06 of the OpenJournal Software.
http://grohol.com/downloads/oj/latest/oj.tar.gz
OpenJournal OpenJournal 2.0 2
-
OpenJournal oj.tar.gz
Version 2.06 of the OpenJournal Software.
http://grohol.com/downloads/oj/latest/oj.tar.gz
References
OpenJournal Authentication Bypassing Vulnerability
References:
References:
- OpenJournal Home Page (OpenJournal)
- Open Journal Blog Authenticaion Bypassing Vulnerability ("Tri Huynh"
)