Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:24400
HistoryAug 08, 2010 - 12:00 a.m.

Application Logic Error in DT Centrepiece

2010-08-0800:00:00
vulners.com
24
JSON

Vulnerability ID: HTB22523
Reference: http://www.htbridge.ch/advisory/application_logic_error_in_dt_centrepiece_1.html
Product: DT Centrepiece
Vendor: DT Services ( http://www.dt.net.nz/ )
Vulnerable Version: 4.5 and Probably Prior Versions
Vendor Notification: 22 July 2010
Vulnerability Type: Application Logic Error in the Authentication Mechanism
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: High
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)

Vulnerability Details:
The user can get access to the account of an arbitrary user.
When a user logs in, the remember password system puts predictable data in the cookie.

An attacker can use browser to exploit this vulnerability. The following PoC is available:

Just put this values in cookie:

MM_Remember_Username=USERNAME

JSON