Account Manager LITE/PRO: Password Exploit!

n30

Please enter your password twice. Once to set it, and once to confirm it.

password
confirmation


Account Manager LITE/PRO Admin Passwerd Exploit

To Use Modify Source To Point to amadmin.pl on TARGET Server

mail-me

Product: Account Manager
Versions: ALL including LITE and PRO haven't been able to test ENTERPRISE
Vendor: Notified, http://www.cgiscriptcenter.com/


The Problem:

    The Script allows any remote user access to the Administration Control Panel
through overwriting the Admin Password with one of their own making :). This is possible
since the script parses the inputted data with total disregard for whether the current user
has Admin priveleges. Therefore calling www.server.com/cgibin/amadmin.pl?setpasswd
using a POST command would allow the password to be altered.

    Using this exploit would give a remote user access to add and remove users from
protected areas of your website perphaps to other more interesting CGI's ;P.


Exploit:

    See above.

Patches:
    
    There shouldn't have been a hole in the first place, somehow i suspect the patch
will be very fast in arriving :). 
    
n30@alldas.de
www.alldas.de