Ragnarok Online Control Panel Authentication Bypass Vulnerability [new method]

2007.09.08
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-287


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

VaLiuS has reported a vulnerability in Ragnarok Online Control Panel, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the authentication process when checking page access. This can be exploited to bypass the authentication process via a specially crafted URL with an appended non-restricted page. The /.../ reffers to directory crawling Example: http://www.example.com/CP/...../account_manage.php/login.php Successful exploitation requires that files are served from an Apache HTTP server. The vulnerability has been reported in version 4.3.4a. Other versions may also be affected. SOLUTION: Edit the source code to ensure that the authentication process is properly performed. PROVIDED AND/OR DISCOVERED BY: Calypso Steweren


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top