Search...

Blahz-DNS 0.2 - Direct Script Call Authentication Bypass

2002-04-28T00:00:00

ID EXPLOITPACK:2A0645AA8896AB1F733429B0DA418DC1
Type exploitpack
Reporter ppp-design
Modified 2002-04-28T00:00:00

Description

Blahz-DNS 0.2 - Direct Script Call Authentication Bypass

                                        
                                            source: https://www.securityfocus.com/bid/4618/info

Blahz-DNS is a web based management tool for DNS information. It is implemented in PHP, and available for Linux systems.

By directly calling scripts included with Blahz-DNS, it is possible to bypass the authentication check, gaining full access to the Blahz-DNS tool.

http://www.example.com/dostuff.php?action=modify_user

JSON Vulners Source

Initial Source

{"lastseen": "2020-04-01T19:04:06", "references": [], "description": "\nBlahz-DNS 0.2 - Direct Script Call Authentication Bypass", "edition": 1, "reporter": "ppp-design", "exploitpack": {"type": "webapps", "platform": "php"}, "published": "2002-04-28T00:00:00", "title": "Blahz-DNS 0.2 - Direct Script Call Authentication Bypass", "type": "exploitpack", "enchantments": {"dependencies": {"references": [], "modified": "2020-04-01T19:04:06", "rev": 2}, "score": {"value": 1.4, "vector": "NONE", "modified": "2020-04-01T19:04:06", "rev": 2}, "vulnersScore": 1.4}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2002-04-28T00:00:00", "id": "EXPLOITPACK:2A0645AA8896AB1F733429B0DA418DC1", "href": "", "viewCount": 1, "sourceData": "source: https://www.securityfocus.com/bid/4618/info\n\nBlahz-DNS is a web based management tool for DNS information. It is implemented in PHP, and available for Linux systems.\n\nBy directly calling scripts included with Blahz-DNS, it is possible to bypass the authentication check, gaining full access to the Blahz-DNS tool.\n\nhttp://www.example.com/dostuff.php?action=modify_user", "cvss": {"score": 0.0, "vector": "NONE"}, "immutableFields": []}