Bugtraq mailing list archives

popper_mod 1.2.1 and previous accounts compromise
From: "matthew () ectisp net" <matthew () ectisp net>
Date: Sat, 30 Mar 2002 13:50:19 GMT

description: popper_mod is a free, full-featured, web-based POP3 email client written in PHP. It is an extension of the now abandoned "popper" project. It can be downloaded from http://www.symatec-computer.com/forums/

bug report: popper_mod 1.2.1 relied on administrators using htaccess authentication to protect the administration PHP script. Unfortunately, I have found no administrator yet who has protected their admin script access.

exploit: simply go to http://www.targetdomain.com/mail/admin
Your identity as administrator is not verified in any way, and the complete list of user accounts, including the passwords, is revealed. You can also delete accounts, manipulate settings, and modify accounts.

fix: popper_mod 1.2.2 and above require the administrator to log in with a username and password. As of this advisory, the latest version is 1.2.3, which can be downloaded from http://www.symatec-computer.com/forums/viewtopic.php?t=14
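The fix described above amounts to an authentication gate that runs before the admin script touches any account data; until the upgrade is applied, the htaccess protection the advisory mentions is the interim mitigation. The following is an added illustration of such a gate, written for this archive page and not taken from popper_mod or its author. The file name admin_guard.php, the session key 'admin_user', and the admin_password_hashes() credential store are assumptions made for the example.

```php
<?php
// Added example, not popper_mod's own code: a minimal login gate that an
// admin script includes before it touches account data. The file name
// admin_guard.php, the session key 'admin_user', and the hypothetical
// admin_password_hashes() store are assumptions for this illustration.
declare(strict_types=1);

// Hypothetical credential store. In a real deployment the hashes would be
// read from a file outside the web root; this constructed entry is generated
// at load time only so the example runs as-is.
function admin_password_hashes(): array
{
    return [
        'admin' => password_hash('replace-this-passphrase', PASSWORD_DEFAULT),
    ];
}

// Verify a submitted username/password and, on success, bind the admin
// identity to a freshly regenerated session.
function admin_login(string $user, string $pass, array $hashes): bool
{
    // Verify against a throwaway hash for unknown users so that a valid and
    // an invalid username take about the same time to reject.
    $hash = $hashes[$user] ?? password_hash('', PASSWORD_DEFAULT);
    if (!isset($hashes[$user]) || !password_verify($pass, $hash)) {
        return false;
    }
    session_regenerate_id(true);      // defeat session fixation
    $_SESSION['admin_user'] = $user;
    return true;
}

// Abort the request unless the session already carries a verified admin.
function require_admin(): void
{
    if (empty($_SESSION['admin_user'])) {
        http_response_code(403);
        header('Content-Type: text/plain');
        echo "Administrator login required.\n";
        exit;
    }
}

// --- the admin script itself would begin like this --------------------------
session_start();

$method = $_SERVER['REQUEST_METHOD'] ?? 'GET';
if ($method === 'POST' && isset($_POST['user'], $_POST['pass'])) {
    if (!admin_login((string) $_POST['user'], (string) $_POST['pass'], admin_password_hashes())) {
        http_response_code(401);
        header('Content-Type: text/plain');
        echo "Login failed.\n";
        exit;
    }
}

require_admin();

// Only reached with a verified admin session. The account listing and the
// delete/modify handlers belong below this line, never above it.
header('Content-Type: text/plain');
echo "Logged in as " . htmlspecialchars($_SESSION['admin_user']) . "\n";
```

Two points follow from the advisory itself. First, the check has to sit at the top of every administrative entry point, because the vulnerable behaviour was simply that the script did useful work for anyone who requested it. Second, the advisory notes that the listing reveals passwords, which implies they were stored in the clear; a gate like the one above limits who can reach the listing, but only storing password hashes removes the cleartext from the listing altogether.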
