Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: PHPXMAIL - Authentication Bypass
From: security () surefoot com
Date: Wed, 6 Jul 2005 14:04:10 -0600

Hi Steve

On Wednesday 06 July 2005 11:57, Steve <St> wrote:
Author:       Stefan Lochbihler
Date:         6. Juli 2005
Affected      Software: PHPXMAIL
Software      Version: 0.7 -> 1.1
Software      URL: http://phpxmail.sourceforge.net/
Attack:       Authentication Bypass

[...details snipped...]

The problem occurs when we try to log in with an overlong password 
because we get no response message from the server and the function dont
exit.

Now when we login with a username like postmaster () localhost and an
overlong password
we bypass the error handler and successfully log in.

[...]

Solution: Maybe insert a maxsize tag to the passwords input field.



Discovered by Steve

Erm... a maxsize tag will not prevent the attack at all.

J

-- 
There is no such thing as fortune.  Try again.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault