Released: January 8, 2002 By: Kernel jeian, Executive Officer, CyberArmy Exploit Research Team - http://www.exploitresearch.net Advisory #1 --- There is a vulnerability in Allaire Forums, a popular web-board service. Through this vulnerability, it is possible to impersonate other users. --- Allaire forums use a HIDDEN tag to determine the name and e-mail address of the author. By saving the file to disk and editing the HIDDEN fields before posting, it is possible to impersonate another user. --- We were unable to contact the maintainer of Allaire forums as of this writing. --- Ker. jeian XO, CyberArmy Exploit Research.
This archive was generated by hypermail 2b30 : Wed Jan 09 2002 - 11:17:54 PST