'Pointter PHP Micro-Blogging Social Network' Unauthorized Privilege Escalation (CVE-2010-4333) Mark Stanislav - email@example.com
A vulnerability exists in the 'Pointter PHP Micro-Blogging Social Network' authentication system which allows for administrative privileges by crafting two specific cookies with arbitrary values.
Using whatever method you prefer, generate 'auser' and 'apass' cookies. The values of each cookie are irrelevant; the mere presence of the cookies provide the administrative privilege.
http://www.pointter.com/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4333 http://www.uncompiled.com/2010/12/pointter-php-micro-blogging-social-network-unauthorized-privilege-escalation-cve-2010-4333/
11/23/2010 - Initial vendor disclosure e-mail sent 11/24/2010 - Reply from vendor informing me that my 'software manipulation' was illegal 11/24/2010 - Response to vendor regarding their accusation of illegal actions on my part 11/24/2010 - Reply from vendor stating that by releasing this information, I am committing a crime 11/24/2010 - Response to vendor that their software is CC-licensed and that their accusations are unfounded 11/24/2010 - Rebuttal from vendor again affirming I was breaking the law by disclosing this vulnerability 11/24/2010 - Reply to vendor again stating my intent to help the company and provide responsible disclosure 11/24/2010 - Response from vendor stating they would no longer respond and explained their stance on fixing this issue 11/24/2010 - Final reply to vendor stating that I was happy to work with them on a delayed disclosure if desired 12/15/2010 - Public disclosure