BugTraq
Back to list
|
Post reply
SimpleChat
Mar 20 2003 03:33AM
subj (r2subj3ct dwclan org)
Product : SimpleChat!
Version : 1.3
WebSite : http://hot-things.net
Problem : Private info viewing
Description:
------------
In a directory /data/ the file containing the information on users of a
chat lays (taking place in a chat at present), to which any interested
person can receive access.
The file looks approximately so:
1048102503: |:127.0.0.1: |:subj: |:w1
1048102799: |:127.0.0.1: |:clark: |:w2
In the given situation we receive IP the user.
Exploit:
--------
http://[somehost]/chat/data/usr
Link:
-----
www.dwcgr0up.com
Fixs:
-----
U can finf all our fix on our homepage [www.dwcgroup.com]
Thanks:
-------
GipsHack : DHGroup : EXploit.ru : p0is0n : de1irium
Contact:
--------
r2subj3ct (at) dwclan (dot) org [email concealed]
irc.dwcgr0up.biz @ #dwc
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Product : SimpleChat!
Version : 1.3
WebSite : http://hot-things.net
Problem : Private info viewing
Description:
------------
In a directory /data/ the file containing the information on users of a
chat lays (taking place in a chat at present), to which any interested
person can receive access.
The file looks approximately so:
1048102503: |:127.0.0.1: |:subj: |:w1
1048102799: |:127.0.0.1: |:clark: |:w2
In the given situation we receive IP the user.
Exploit:
--------
http://[somehost]/chat/data/usr
Link:
-----
www.dwcgr0up.com
Fixs:
-----
U can finf all our fix on our homepage [www.dwcgroup.com]
Thanks:
-------
GipsHack : DHGroup : EXploit.ru : p0is0n : de1irium
Contact:
--------
r2subj3ct (at) dwclan (dot) org [email concealed]
irc.dwcgr0up.biz @ #dwc
[ reply ]