Mambo Open Source index2.php Administrator Password Bypass

2001-07-24T00:00:00
ID OSVDB:1911
Type osvdb
Reporter OSVDB
Modified 2001-07-24T00:00:00

Description

Vulnerability Description

index2.php in Mambo Site Server allows remote attackers to gain Mambo administrator privileges by setting the PHPSESSID parameter and providing the appropriate administrator information in other parameters.

Technical Description

Mambo Site Server 3.0.0 through 3.0.5 stored global variables insecurely, so request parameters could overwrite the session and user state that index2.php relies on. Versions 3.x are no longer supported. The current version as of December 2003 is 4.0.14, with 4.5 RC4 available.
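The pattern the technical description points to (privilege state living in globals that request input can populate) beside a hardened check, as an added PHP illustration that is not Mambo's own code; every function, variable and field name here is assumed for the example.

```php
<?php
// Added example (not Mambo's code): the bug class behind this advisory.
// All names (is_admin_insecure, is_admin_secure, $usertype, ...) are assumed.

// --- Vulnerable pattern -------------------------------------------------
// When request input is copied into globals (register_globals behaviour),
// $sessid and $usertype may already be set from the query string before
// this runs, so the check never consults a real server-side login.
function is_admin_insecure(): bool {
    global $sessid, $usertype;
    return isset($sessid) && $usertype === 'administrator';
}

// --- Hardened pattern ---------------------------------------------------
// The privilege decision reads only server-side session data written at
// login time. $session_store is an assumed array keyed by session id,
// standing in for the real session handler; request input is never used.
function is_admin_secure(array $session_store, string $cookie_sid): bool {
    if (!isset($session_store[$cookie_sid])) {
        return false;                       // unknown or forged session id
    }
    $s = $session_store[$cookie_sid];
    return ($s['authenticated'] ?? false) === true
        && ($s['usertype'] ?? '') === 'administrator';
}

// Constructed demo data: one genuine admin session exists on the server.
$session_store = [
    'abc123' => ['authenticated' => true, 'usertype' => 'administrator'],
];

// A client-chosen id with no server-side record is rejected; the real one
// is accepted. Parameters such as usertype in the request play no part.
var_dump(is_admin_secure($session_store, 'forged-by-client'));
var_dump(is_admin_secure($session_store, 'abc123'));
```

The insecure variant is shown only to make the contrast concrete; the defensive point is that authorisation must be resolved from server-held state keyed by the session cookie, never from anything the client can place in the request.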

Solution Description

Upgrade to version 4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.mamboserver.com/
ISS X-Force ID: 6910
Generic Exploit URL: http://packetstormsecurity.nl/0107-exploits/mambo_advisorie.txt
Generic Exploit URL: http://archives.neohapsis.com/archives/bugtraq/2001-07/0569.html
CVE: CVE-2001-1011
CERT VU: 847803
Bugtraq ID: 3093