Proving Grounds BBS Crafted Login Remote Sysop Access

1987-01-27T00:00:00
ID OSVDB:328
Type osvdb
Reporter Mr. Memorex
Modified 1987-01-27T00:00:00

Description

Vulnerability Description

Proving Grounds BBS contains a flaw that may allow a remote attacker to gain SYSOP access. The issue occurs when an attacker connects to the system and provides a crafted login sequence. Due to an error in processing input to the login fields, the system will allow a user that has not provided SYSOP authentication to gain access to the SYSOP menu with equivalent privileges.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

  1. Call board and enter the user number of a Remote sysop
  2. Enter any bs for a pw
  3. Do the same thing again (more garbage the 2nd time it asks)
  4. Now enter your real number and pass
  5. At the first input prompt type 'Remote'
  6. This should give you the Remote Sysop menu and access

References:

Other Advisory URL: http://www.palmcoder.net/files/Archives/hacking/bbsenter.txt

Generic Informational URL: http://software.bbsdocumentary.com/APPLE/II/PROVINGGROUNDS/