Basic Analysis and Security Engine (BASE) base_maintenance.php Authentication Bypass

2006-02-26T16:21:03
ID OSVDB:24101
Type osvdb
Reporter OSVDB
Modified 2006-02-26T16:21:03

Description

Vulnerability Description

Basic Analysis and Security Engine (BASE) contains a flaw that may allow a malicious user to bypass BASE built in authentication system for the base_maintenance.php script. The issue is due to the broken "AuthenticateNoCookie()" function which is used in standalone mode. It is possible that the flaw may allow access to base_maintenance.php page resulting in a loss of confidentiality.

Technical Description

This vulnerability is only present when BASE built in authentication system is used and not with Web server authentication system.

Solution Description

Upgrade to version 1.2.4 (melissa) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Basic Analysis and Security Engine (BASE) contains a flaw that may allow a malicious user to bypass BASE built in authentication system for the base_maintenance.php script. The issue is due to the broken "AuthenticateNoCookie()" function which is used in standalone mode. It is possible that the flaw may allow access to base_maintenance.php page resulting in a loss of confidentiality.

Manual Testing Notes

<HTML> <FORM action="http://[target]/base/base_maintenance.php" method="post"> <INPUT type="hidden" name="standalone" value="yes"> <INPUT type="submit" value="bypass!"> </FORM> </HTML>

References:

Vendor URL: http://secureideas.sourceforge.net/ Vendor Specific News/Changelog Entry: http://cvs.sourceforge.net/viewcvs.py/secureideas/base-php4/docs/CHANGELOG?rev=1.233&view=markup Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?group_id=103348&release_id=402956 Secunia Advisory ID:19510 CVE-2006-1505