Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing

2007.08.21

Credit: imei Addmimistrator

Risk: High

Local: No

Remote: Yes

CVE: CVE-2007-4421 | CVE-2007-4419

CWE: N/A

VISIT ORIGINAL LINK FOR MORE DETAILES
http://myimei.com/security/2007-08-16/olate-download-341adminphpauthenti
cation-bypassing.html
VISIT ORIGINAL LINK FOR MORE DETAILES
oftware: Olate Download
Sowtware's Web Site: http://www.olate.co.uk/
Versions: 3.4.1
Status: Unpatched
Exploit: Available
Solution: Not Available
Discovered by: imei addmimistrator
Risk Level: High
????????????Description??????????
There is some flews in Olate Download software, one of the popular
files' links list, Ideal for download sites, that results to bypassing
authentication of site's admin. An attacker can gain access to Admin
area have full control permissions to maintaing entire site.
VISIT ORIGINAL LINK FOR MORE DETAILES
http://myimei.com/security/2007-08-16/olate-download-341adminphpauthenti
cation-bypassing.html
VISIT ORIGINAL LINK FOR MORE DETAILES
--
imei Addmimistrator
Visit my SeQrity Homepage at:
http://myimei.com/security

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.