
SITEWare cleartext passwords, read arbitrary files



    SITEWare 2.5, 3.0


    The following is based on Foundstone Labs Advisory FS-061201-18-SMSW
    by Mike Shema. A source code disclosure vulnerability exists in
    ScreamingMedia's SITEWare Editor's Desktop. This vulnerability
    allows arbitrary viewing of world-readable files within the web
    document root. It should also be noted that ScreamingMedia stores
    site user names and passwords in clear text files.
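The clear-text credential files noted above are a separate weakness from the file disclosure: anyone who can read the file holds every password. The block below is an added example (not ScreamingMedia's code, and not from the Foundstone advisory) of how such a store should look instead: each password is kept as a salted PBKDF2-SHA256 record and verified in constant time. The `user:password` line layout used by the migration helper is an assumption for the example; the advisory says only that the files are clear text.

```python
import hashlib
import hmac
import os
from typing import List

# Constructed parameters for this example; not ScreamingMedia's storage format.
ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt_hex$digest_hex.

    A fresh random salt per user means two users with the same password get
    different records, and the stored value cannot be reversed to the password.
    """
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Check a candidate password against a stored record without leaking timing."""
    try:
        algorithm, iterations, salt_hex, digest_hex = record.split("$")
    except ValueError:
        return False  # malformed record: never accept
    if algorithm != ALGORITHM:
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    # compare_digest does not short-circuit on the first differing byte.
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def migrate_cleartext_records(lines: List[str]) -> List[str]:
    """Convert constructed 'user:password' lines into 'user:<hashed record>' lines.

    The input layout is an assumption for this example, not the real file format.
    Blank or malformed lines are skipped rather than guessed at.
    """
    migrated = []
    for line in lines:
        line = line.strip()
        if not line or ":" not in line:
            continue
        user, password = line.split(":", 1)
        migrated.append(f"{user}:{hash_password(password)}")
    return migrated
```

After migration the clear-text originals must be deleted (and any backups or log copies found), since the hashed file protects only passwords that no longer exist elsewhere.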

    The SITEWare Editor's Desktop is a web-based administration
    front-end for ScreamingMedia content. The listening server can be
    assigned an arbitrary port on which to listen. For example,
    template source can be viewed by the URL:


    Any file within the SITEWare/threads/Editor directory can be
    viewed, but not system files outside of this root.
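The bug class here is a front-end that maps a request path onto the filesystem and returns whatever is there, including template source under SITEWare/threads/Editor. As an added example (not SITEWare's code, nor Foundstone's), the block below shows the two controls a defender wants: a resolver that confines requests to the document root and refuses the editor directory and raw source files, and a detector that runs the same rules over access-log lines to surface attempts. The document root, the source-file suffixes and the log lines are constructed for the example; only the SITEWare/threads/Editor directory name comes from the advisory.

```python
import os
import posixpath
import re
from typing import List, Optional, Tuple
from urllib.parse import unquote

# Constructed document root for this example (not a real SITEWare install path).
DOC_ROOT = "/var/www/docroot"
# The advisory names SITEWare/threads/Editor as the directory whose files could
# be read; treat everything under it as never servable in raw form.
PROTECTED_DIRS = ("siteware/threads/editor",)
# Assumed suffixes for template/config sources that must not be sent verbatim.
SOURCE_SUFFIXES = (".tpl", ".inc", ".cfg")


def looks_like_traversal(url_path: str) -> bool:
    """True if the once-decoded path contains a '..' segment (plain or %2e%2e)."""
    return ".." in unquote(url_path).split("/")


def resolve_request_path(url_path: str, doc_root: str = DOC_ROOT) -> Optional[str]:
    """Map a URL path onto the filesystem, or return None if it must be refused."""
    decoded = unquote(url_path)
    if "\x00" in decoded:
        return None  # embedded NUL can truncate the path in lower layers
    # Collapse '.' and '..' lexically, anchored at '/', so '..' cannot climb above root.
    rel = posixpath.normpath("/" + decoded.lstrip("/")).lstrip("/")
    root = os.path.normpath(doc_root)
    candidate = os.path.normpath(os.path.join(root, rel))
    # Containment: the result is the root itself or sits strictly below it.
    if candidate != root and not candidate.startswith(root + os.sep):
        return None
    # Compare lower-cased so a case-insensitive filesystem cannot be used to bypass.
    parts = rel.lower().split("/")
    for protected in PROTECTED_DIRS:
        pparts = protected.split("/")
        if parts[: len(pparts)] == pparts:
            return None
    if rel.lower().endswith(SOURCE_SUFFIXES):
        return None
    return candidate


# Common Log Format: client, ident, user, [timestamp], "METHOD path HTTP/x.y"
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')


def flag_suspicious_requests(log_lines: List[str]) -> List[Tuple[str, str, str]]:
    """Return (client, path, reason) for traversal attempts and refused paths.

    The resolver neutralises '..' silently; the detector reports it anyway,
    because a neutralised attempt is still worth an alert.
    """
    flagged = []
    for line in log_lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, path = m.group(1), m.group(2).split("?", 1)[0]
        if looks_like_traversal(path):
            flagged.append((client, path, "traversal"))
        elif resolve_request_path(path) is None:
            flagged.append((client, path, "refused"))
    return flagged


# Constructed access-log lines for the example (addresses and timestamps invented).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2000:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 512',
    '10.0.0.9 - - [01/Jan/2000:10:00:07 +0000] "GET /SITEWare/threads/Editor/page.tpl HTTP/1.0" 200 2048',
    '10.0.0.9 - - [01/Jan/2000:10:00:09 +0000] "GET /%2e%2e/%2e%2e/etc/passwd HTTP/1.0" 404 0',
    '10.0.0.7 - - [01/Jan/2000:10:00:12 +0000] "GET /images/logo.gif?v=2 HTTP/1.0" 200 4096',
]

if __name__ == "__main__":
    for client, path, reason in flag_suspicious_requests(SAMPLE_LOG):
        print(f"{reason:9} {client:10} {path}")
```

Note that the advisory's second line in the sample log returned 200: that is exactly the case the resolver now refuses, and the one a log review should look for in historical data.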

    To reproduce, request the following URL from a browser:



    Refer to the advisory published by ScreamingMedia at:

    Customers should contact their customer support representative to
    obtain the upgraded, patched software.
