Basic Analysis and Security Engine (BASE) Cookie Authentication Bypass

2006-04-20T09:48:00
ID OSVDB:25081
Type osvdb
Reporter Nikns Siankin(nikns@secure.lv)
Modified 2006-04-20T09:48:00

Description

Vulnerability Description

Basic Analysis and Security Engine (BASE) contains a flaw that may allow a malicious user to gain admin privileges without authentication. The issue is triggered when sending a specially crafted cookie. It is possible that the flaw may allow unauthorized administrative access resulting in a loss of confidentiality, integrity, and/or availability.

Technical Description

This vulnerability is only present when BASE built in authentication system is used and not with Web server authentication system.

Solution Description

Upgrade to cvs version or version 1.2.5 (sarah) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Basic Analysis and Security Engine (BASE) contains a flaw that may allow a malicious user to gain admin privileges without authentication. The issue is triggered when sending a specially crafted cookie. It is possible that the flaw may allow unauthorized administrative access resulting in a loss of confidentiality, integrity, and/or availability.

Manual Testing Notes

curl --cookie "BASERole=1|foo|e032862448a630f4e7a5342f19d9a88" --url http://[target]/base/base_main.php

References:

Related OSVDB ID: 35243 Mail List Post: http://sourceforge.net/mailarchive/message.php?msg_id=15452482