[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Vulnerabilities in GlobalWoW
- To: MustLive <mustlive@xxxxxxxxxxxxxxxxxx>, "submissions@xxxxxxxxxxxxxxxxxxxxxxx" <submissions@xxxxxxxxxxxxxxxxxxxxxxx>, "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Vulnerabilities in GlobalWoW
- From: Ivan Carlos <icarlos@xxxxxxxxxxx>
- Date: Wed, 31 Aug 2011 13:59:51 -0700
C'mon... isn't that (gaming non-licensed server over a patented application)
illegal?
Reporting vulns on counterfeit applications is useless.
Ivan Carlos
CISO, Consultant
+55 (11) 8112-0666
www.icarlos.net
-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of MustLive
Sent: quarta-feira, 31 de agosto de 2011 17:44
To: submissions@xxxxxxxxxxxxxxxxxxxxxxx; full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Vulnerabilities in GlobalWoW
Hello list!
I want to warn you about Insufficient Anti-automation and Denial of Service
vulnerabilities in GlobalWoW. Also GlobalWow can be included in ArcEmu and WOW
Emulator Server.
This is the last of few advisories which I've made in April 2010. In this
advisory I'm continue to inform readers of mailing lists about vulnerable web
applications which are using CaptchaSecurityImages.php.
-------------------------
Affected products:
-------------------------
Vulnerable are GlobalWow 3.0.9 and previous versions (and potentially next
versions).
Also the next products are affected: ArcEmu and WOW Emulator Server with which
GlobalWow can be bundled.
I've already wrote last year the recommendations about fixing these issues in
another my advisory concerning vulnerable web application with
CaptchaSecurityImages.php. As I wrote earlier
(http://www.securityfocus.com/archive/1/511023), developers of
CaptchaSecurityImages.php fixed this hole at 27.03.2007. So one of the way to
fix these issues is to use fixed version of the script or to make appropriate
changes in com_bookman's version of the script.
----------
Details:
----------
These are Insufficient Anti-automation and Denial of Service vulnerabilities.
The vulnerabilities exist in captcha script CaptchaSecurityImages.php, which is
using in this system. I already wrote at my site about vulnerabilities in
CaptchaSecurityImages (http://websecurity.com.ua/4043/).
Insufficient Anti-automation (WASC-21):
http://site/acs/CaptchaSecurityImages.php?width=150&height=100&characters=2
Captcha bypass is possible as via half-automated or automated (with using of
OCR) methods, which were mentioned before (http://websecurity.com.ua/4043/),
as with using of session reusing with constant captcha bypass method
(http://websecurity.com.ua/1551/), which was described in project Month of Bugs
in Captchas.
DoS (WASC-10):
http://site/acs/CaptchaSecurityImages.php?width=1000&height=9000
With setting of large values of width and height it's possible to create large
load at the server.
------------
Timeline:
------------
2010.04.16 - disclosed at my site.
2010.04.17 - informed developers.
2010.04.18 - informed developers on another e-mail.
I mentioned about these vulnerabilities at my site
(http://websecurity.com.ua/4134/).
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/