`Team Asylum Security
Copyright (c) 1999 By CyberSpace 2000
http://www.team-asylum.com
Source: Dave M. ([email protected])
Advisory Date: 09/16/1999
Affected
--------
All known released versions of the iHTML Merchant for Unix/Windows 95/98/NT.
Product Description
-------------------
iHTML Merchant, written by Inline Internet Systems Inc., is an e-commerce
solution programmed in iHTML which allows complicated web programming tasks
to be done by anyone with basic knowledge of HTML and their web server of
choice.
Over 2,700 online merchants run iHTML Merchant. In turn, they can run
dozens more stores off that single product. For more details about
this product, visit http://www.ihtmlmerchant.com or see Inline's site at
http://www.inline.net.
Vulnerability Summary
---------------------
Team Asylum has discovered a vulnerability that exists in iHTML Merchant
which would allow a malicious hacker to (at the very least) view the
protected files in the website's administrative section, giving the attacker
the ability to view credit card information. If the iHTML Merchant is being
run on Windows 95/98/NT the vulnerability is much more severe. The
vulnerability exists in how iHTML Merchant parses code. The attacker
could:
1) Delete any file on the server.
2) Write a file to any folder on the server.
3) Upload a trojan.
4) Steal credit card numbers, and other hidden information.
If the iHTML Merchant is being run on UNIX, the possibility exists that the
web site could be altered. These findings reflect the default settings for
95/98/NT and iHTML Merchant.
Fix
---
A fix has been provided by Inline Internet Systems. You can download
the patches from the following URL:
http://www.ihtmlmerchant.com/support_patches_feedback.htm
`