Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing
- From: "imei Addmimistrator" <addmimistrator@xxxxxxxxx>
- Date: Thu, 16 Aug 2007 21:00:17 +0430
- Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=ZCXcFTQ/KVGLMsGnn5lp6oSQhk8T7T5Cy/ekMCcj0T+Z+4hyfPwoeeLG3yqPQNoFQSxfG8nszNUnd6NXAcuG9dI0sZB5ukxF1Jr1OxCSnWdSFELXxReDafCIcUZtZ5xoBiOGs9DU8kZy1R+BJ9QF7di3fRJWVHPP8hySZjen5sc=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=I60hyGNY5qwLJnvE99QudM+RgP8NCGM9ZoIl+hRxK28xyJXNTtvqwZUruHC4xmY+9yJzp0CyxBEdQBikQWi8+gGyD7sHwzkPqdqUH7/3FiYXoO/AkVa1+kJLFslxEjYoQkRIfc6eM24wFKFmLA+EKw/2P47tVwySks+Pgj/gg6A=
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
VISIT ORIGINAL LINK FOR MORE DETAILES
http://myimei.com/security/2007-08-16/olate-download-341adminphpauthentication-bypassing.html
VISIT ORIGINAL LINK FOR MORE DETAILES
oftware: Olate Download
Sowtware's Web Site: http://www.olate.co.uk/
Versions: 3.4.1
Status: Unpatched
Exploit: Available
Solution: Not Available
Discovered by: imei addmimistrator
Risk Level: High
—————–Description—————
There is some flews in Olate Download software, one of the popular
files' links list, Ideal for download sites, that results to bypassing
authentication of site's admin. An attacker can gain access to Admin
area have full control permissions to maintaing entire site.
VISIT ORIGINAL LINK FOR MORE DETAILES
http://myimei.com/security/2007-08-16/olate-download-341adminphpauthentication-bypassing.html
VISIT ORIGINAL LINK FOR MORE DETAILES
--
imei Addmimistrator
Visit my SeQrity Homepage at:
http://myimei.com/security