ZH2003-10SA (security advisory): Mail System Ver. 0.9 Beta. Published: 16/07/2003 Released: 16/07/2003 Name: Mail System Ver. 0.9 Beta Affected Systems: All versions (?) Issue: Remote attackers can view all messages (and sql injection vulnerability) Author: G00db0y@zone-h.org Description *********** Zone-h Security Team has discovered a serious security flaw in Mail System Ver. 0.9 Beta. This is a simple internal mail system, originaly developed for an intranet project. Details ******* Mail System Ver. 0.9 Beta is a simple internal mail system in ASP. It's possible to retrieve all messages from it. Everyone can download the database at the following url: http://www.example.com/PATH/message.mdb Moreover there is a sql injection vulnerability in the login authentication form. It's located at: http://www.example.com/PATH/default.htm >From there it's possible to login with these strings: Login name: ' or 'a'='a Password: ' or 'a'='a Solution: ********* The vendor has been contacted and a patch is not yet produced Suggestions: ************ Protect the message file, rewrite the login procedure. G00db0y - www.zone-h.org admin Original advisory here: http://www.zone-h.org/en/advisories/read/id=2709/
