• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Anthill postbug.php Authentication Bypass Vulnerability

Anthill is a PHP based bug tracking system.

Anthill versions 0.1.6.1 (and prior) contain a component, postbug.php, that is used to process bug entries and add them to the database. Normally, users are authenticated via the script enterbug.php, which then passes bug information to postbug.php for processing. Because postbug.php requires no authentication, an attacker could submit commands to postbug.php (via URL or by constructing the appropriate form on a remote web server), thus bypassing the normal enterbug.php authorization mechanism.