Full Disclosure mailing list archives

From: "Morning Wood" <se_cur_ity () hotmail com>
Date: Mon, 9 May 2005 05:55:03 -0700

       - EXPL-A-2005-007 exploitlabs.com Advisory 036 -
                      - H-Sphere -

H-Sphere Winbox

Positive Software Corporation

H-Sphere is a scalable multiserver web hosting solution.
It has many advanced features and a sophisticated billing
system to automate and improve your web hosting tasks.
H-Sphere was designed to work on many servers and can be
scaled by adding more web, mail, database, and DNS servers
without any downtime. It provides a simple, easy-to-use web
interface that can be maintained from any computer with an
internet connection. H-Sphere was written in Java and works
with any SQL-compliant database.

1. local user/pass information disclosure

Item 1

While performing administration duties for domain management,
H-Sphere writes log information containing domain details
and username/password combinations in clear text.


action.log <--- stores user/pass
resources.log <--- stores user/pass

[0/00/2005 0:00:00 AM] Thread: 0000; Requested method "account.update" with
parameters resourcename=account, username=theuser, password=thepassword

On Windows machines running H-Sphere, the default install
does not restrict permissions on this log folder, allowing
less privileged local users to read account credentials.
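The two exposures described above (credentials written into the log records and a log folder that any local user can read) are what a defender needs to find quickly in an existing install. The following is an added example, not code from the advisory or from Positive Software: a small Python audit that parses records of the shape quoted above, flags any record whose parameters carry a credential, and produces a redacted copy of the line. The log lines it runs over are constructed for the example, and the set of parameter names treated as sensitive is an assumption.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Shape of one H-Sphere request record as quoted in the advisory
# (assumption: one record per line, parameters as comma-separated key=value pairs).
RECORD_RE = re.compile(
    r'^\[(?P<ts>[^\]]+)\]\s+Thread:\s*(?P<thread>\d+);\s*'
    r'Requested method "(?P<method>[^"]+)"\s+with\s+parameters\s+(?P<params>.*)$'
)

# Parameter names whose values must never land in a log (constructed list).
SENSITIVE_KEYS = {"password", "passwd", "pass", "secret"}


class LogRecord(NamedTuple):
    timestamp: str
    thread: str
    method: str
    params: Dict[str, str]


def parse_record(line: str) -> Optional[LogRecord]:
    """Parse one action.log / resources.log style line; None if it does not match."""
    m = RECORD_RE.match(line.strip())
    if not m:
        return None
    params: Dict[str, str] = {}
    for pair in m.group("params").split(","):
        if "=" in pair:
            key, value = pair.split("=", 1)
            params[key.strip()] = value.strip()
    return LogRecord(m.group("ts"), m.group("thread"), m.group("method"), params)


def leaked_secrets(record: LogRecord) -> Dict[str, str]:
    """Return the credential-bearing parameters present in a record."""
    return {k: v for k, v in record.params.items()
            if k.lower() in SENSITIVE_KEYS and v}


def redact_line(line: str) -> str:
    """Copy of the line with every sensitive parameter value replaced by [REDACTED]."""
    rec = parse_record(line)
    if rec is None:
        return line
    out = line
    for key, value in leaked_secrets(rec).items():
        out = re.sub(r'(\b' + re.escape(key) + r'=)' + re.escape(value),
                     r'\1[REDACTED]', out)
    return out


def audit(lines: List[str]) -> List[dict]:
    """Report which lines leak credentials, and for which account, without repeating the secret."""
    findings = []
    for number, line in enumerate(lines, 1):
        rec = parse_record(line)
        if rec is None:
            continue
        secrets = leaked_secrets(rec)
        if secrets:
            findings.append({
                "line": number,
                "method": rec.method,
                "username": rec.params.get("username"),
                "keys": sorted(secrets),
            })
    return findings


# Constructed sample log content mirroring the record format from the advisory.
SAMPLE_LOG = [
    '[5/09/2005 5:55:03 AM] Thread: 0012; Requested method "account.update" '
    'with parameters resourcename=account, username=theuser, password=thepassword',
    '[5/09/2005 5:56:10 AM] Thread: 0013; Requested method "domain.add" '
    'with parameters resourcename=domain, domainname=example.test',
    'unrelated line that is not a request record',
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print("credential in log:", finding)
    for line in SAMPLE_LOG:
        print(redact_line(line))
```

Running the script on a real action.log or resources.log gives an inventory of which accounts had their password exposed (so those passwords can be rotated) and a redacted copy that is safe to keep. The second half of the fix, tightening the ACL on the log folder so that only the H-Sphere service account and administrators can read it, is a separate step on the Windows host and is not covered by this script.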

Psoft has been contacted and a patch has been released;
it is available at:


This vulnerability was discovered and researched by
Donnie Werner of exploitlabs

Donnie Werner

mail:   wood at exploitlabs.com
mail:   morning_wood at zone-h.org
web:    http://exploitlabs.com
web:    http://zone-h.org

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
