[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[MajorSecurity SA-068]Anantasoft Gazelle CMS - change admin password via Cross-site Request Forgery
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: [MajorSecurity SA-068]Anantasoft Gazelle CMS - change admin password via Cross-site Request Forgery
- From: david.kurz@xxxxxxxxxxxxxxxxx
- Date: 9 Jun 2010 08:15:59 -0000
[MajorSecurity SA-068]Anantasoft Gazelle CMS - change admin password via
Cross-site Request Forgery
Details
=======
Product: Anantasoft Gazelle CMS
Security-Risk: high
Remote-Exploit: yes
Vendor-URL: http://www.anantasoft.com
Vendor-Status: informed
Advisory-Status: published
Credits
============
Discovered by: David Vieira-Kurz
http://www.majorsecurity.info/penetrationstest.php
Affected Products:
----------------------------
Anantasoft Gazelle CMS 1.0
Prior versions may also be vulnerable
Introduction
============
"Anantasoft Gazelle CMS is web based content management system."
More Details
============
We at MajorSecurity have discovered a vulnerability in Anantasoft Gazelle CMS,
which can be exploited by malicious people to conduct cross-site request
forgery attacks.
The application allows users to perform certain actions via HTTP requests
without performing any validity checks to verify the requests. This can be
exploited to change the administrator's password by tricking a logged in
administrator into visiting a malicious web site.
Solution
================
The web application should implement some validity checks to verify the
requests before performing certain actions via HTTP requests.
Workaround
================
Do not browse untrusted sites or follow untrusted links while being logged-in
to the application.
MajorSecurity
================
MajorSecurity is a German penetrationtesting and security research company
which focuses
on web application security. We offer professional penetrationstest, security
audits,
source code reviews.