Re: Hosting Controller Vulnerability

From: Muhammad Faisal Rauf Danka (mfrdat_private)
Date: Sun Jul 14 2002 - 14:32:23 PDT

Next message: Przemyslaw Frasunek: "OpenBSD rootkit"

Previous message: Valdis.Kletnieksat_private: "Re: [7.8.2002 44916] Notice of Copyright Infringement"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Instead of using something like @stake web proxy, could you also save the html output of (/accounts/updateuserdesc.asp) locally and change username to administrator and re-submit the form? And how are they validating the user name after applying the patch ?

Regards, 
---------
Muhammad Faisal Rauf Danka

Chief Technology Officer
Gem Internet Services (Pvt) Ltd.
web: www.gem.net.pk

_____________________________________________________________
---------------------------
[ATTITUDEX.COM]
http://www.attitudex.com/
---------------------------

_____________________________________________________________
Promote your group and strengthen ties to your members with emailat_private by Everyone.net  http://www.everyone.net/?btn=tag

Next message: Przemyslaw Frasunek: "OpenBSD rootkit"
Previous message: Valdis.Kletnieksat_private: "Re: [7.8.2002 44916] Notice of Copyright Infringement"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jul 15 2002 - 08:21:57 PDT