Hosting Controller editplanopt2.asp planid Variable Arbitrary Plan Disclosure

2005-07-15T19:11:00
ID OSVDB:17916
Type osvdb
Reporter Soroush Dalili (irsdl@yahoo.com)
Modified 2005-07-15T19:11:00

Description

Vulnerability Description

Hosting Controller contains a flaw that may lead to unauthorized information disclosure. The 'editplanopt2.asp' script does not properly sanitize user-supplied input to the 'planid' variable, which may allow a remote attacker to disclose arbitrary plans, resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

http://[target]/admin/hosting/editplanopt2.asp?planid=[ARBITRARY_PLAN_NUMBER]
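With no patch listed, web server logs are the practical place to watch for this request pattern. The following is an added example, not part of the original advisory: it flags clients that request many distinct 'planid' values from the script, or send non-numeric ones. The log layout, the sample lines and the threshold of 3 are assumptions made for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs

# Script path and parameter name come from the advisory's test URL.
SCRIPT = "/admin/hosting/editplanopt2.asp"
PARAM = "planid"

# Constructed sample lines in an assumed layout:
# date time client-ip method uri-stem uri-query status
SAMPLE_LOG = """\
2005-07-16 10:00:01 192.0.2.10 GET /admin/hosting/editplanopt2.asp planid=4 200
2005-07-16 10:00:02 192.0.2.10 GET /admin/hosting/editplanopt2.asp planid=5 200
2005-07-16 10:00:03 192.0.2.10 GET /admin/hosting/editplanopt2.asp planid=6 200
2005-07-16 10:00:04 192.0.2.10 GET /admin/hosting/EditPlanOpt2.asp PlanID=7 200
2005-07-16 10:05:00 198.51.100.7 GET /admin/hosting/editplanopt2.asp planid=12 200
2005-07-16 10:06:00 198.51.100.7 GET /admin/hosting/editplanopt2.asp planid=abc 500
2005-07-16 10:07:00 198.51.100.20 GET /admin/hosting/editplanopt2.asp planid=3 200
2005-07-16 10:08:00 203.0.113.5 GET /default.asp - 200
"""

def find_plan_enumeration(log_text, threshold=3):
    """Return {client_ip: {"plans": [...], "malformed": [...]}} for flagged clients."""
    seen = defaultdict(set)        # distinct numeric plan ids per client
    malformed = defaultdict(list)  # non-numeric planid values per client
    for line in log_text.splitlines():
        fields = line.split()
        if line.startswith("#") or len(fields) != 7:
            continue
        _, _, ip, _, stem, query, _ = fields
        # ASP script paths and query parameter names are case-insensitive.
        if stem.lower() != SCRIPT:
            continue
        params = {k.lower(): v for k, v in parse_qs(query, keep_blank_values=True).items()}
        for value in params.get(PARAM, []):
            if re.fullmatch(r"[0-9]+", value):
                seen[ip].add(int(value))
            else:
                malformed[ip].append(value)
    flagged = {}
    for ip in set(seen) | set(malformed):
        if len(seen[ip]) >= threshold or malformed[ip]:
            flagged[ip] = {"plans": sorted(seen[ip]), "malformed": malformed[ip]}
    return flagged

if __name__ == "__main__":
    print(find_plan_enumeration(SAMPLE_LOG))
```

The threshold should be tuned to how many plans a legitimate administrator normally edits in the chosen time window.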

References:

Vendor URL: http://www.hostingcontroller.com/
Security Tracker: 1014496
Related OSVDB ID: 17918
Related OSVDB ID: 17915
Related OSVDB ID: 17917
Nessus Plugin ID: 19254