MapInfo Discovery 1.0/1.1 - Remote Log File Access Information Disclosure

2004-07-15T00:00:00
ID EDB-ID:24368
Type exploitdb
Reporter anonymous
Modified 2004-07-15T00:00:00

Description

MapInfo Discovery 1.0/1.1 Remote Log File Access Information Disclosure. Webapps exploit for asp platform

                                        
                                            source: http://www.securityfocus.com/bid/10927/info

Multiple remote vulnerabilities are reported in MapInfo Discovery.

The first issue is reported to be an information disclosure vulnerability. An attacker may gain access to potentially sensitive error log information that could aid an attacker in further system compromise.

The second issue is reported to be a cross-site scripting vulnerability. The application fails to properly sanitize user-supplied URI argument data. This could allow for execution of hostile HTML and script code in the web client of a user who visits a malicious link to the vulnerable site. This code execution would occur in the security context of the site hosting the vulnerable software. Exploitation could allow for theft of cookie-based authentication credentials. Other attacks are also possible.

The third issue is reported to be a plaintext password information disclosure vulnerability. An attacker with the ability to sniff network traffic could capture user and SQL database credentials.

The fourth issue is reported to be an administrative login authentication bypass vulnerability. An attacker with a regular user account on the application can gain administrative access.

MapInfo Discovery versions 1.0 and 1.1 are reported susceptible to these vulnerabilities.

http://www.example.com/midiscovery/ErrLog/mi3errors.log