The first hole allows to acceder in the admin links menu. For that purpose, it is enough to send a cookie with the name " cliens " and the value " admin_access " on the page www.host.com/links2037filename?fct=admin&idmpdv=Administrez . The second allows to by-pass the security against crack. Normally, 3 login attempts are allowed. But with the url www.host.com/links2037filename?fct=log&hacker=-1000 , 1003 login attemps are allowed. 2037links has been alerted. More details in french : http://www.bal-team.t2u.com/Tuts/liens2037.txt frog-m@n _________________________________________________________________ Téléchargez MSN Explorer gratuitement à l'adresse http://explorer.msn.fr/intl.asp.
This archive was generated by hypermail 2b30 : Sat Feb 09 2002 - 09:12:53 PST