[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Cartfix Secret Backdoor Patch tool for cart32
From: Weld Pond <weld () ATSTAKE ! COM>
Date: 2000-04-27 21:10:55
[Download RAW message or body]
@Stake Inc.
L0pht Research Labs
www.atstake.com www.L0pht.com
Security Tool Release
Name: Cartfix Secret Backdoor Patch tool
Release Date: April 27, 2000
Application: Cart32 Shopping Cart Program
Platform: Win32
Severity: An attacker can execute commands on the web
server and modify admin password
Author: Dildog [dildog@atstake.com]
Weld Pond [weld@atstake.com]
Vendor Status: Vendor has been notified
Web: http://www.L0pht.com/advisories.html
Overview:
Cerberus Information Security Advisory (CISADV000427), available at
http://www.cerberus-infosec.co.uk/advcart32.html, details serious
vulnerabilities in the Cart32 shopping cart software,
http://www.cart32.com. The advisory details a secret backdoor password and
secret URLs that can be used to access sensitive data and issue commands
on web servers running the cart32 software.
The Cartfix program is a quick temporary solution for users waiting for a
permanent fix from the cart32 vendor, McMurtrey/Whitaker & Associates.
The Cartfix program searches for the secret backdoor password in the
cart32.exe program and replaces it with a random backdoor password. It
changes the ACL on the c32web.exe administration program so that anonymous
users cannot change the administrator password for cart32. This ACL fix
will only work on Windows NT/2000 systems.
This patch does in no way make the cart32 software secure. It merely
eliminates the two problems detailed in the Cerberus Information Security
advisory. The security problems in this software are at a basic design
level and may take several days for the vendor to fix. This patch will
allow users of cart32 to be safe from these high risk vulnerabilies while
awaiting this fix.
Executable file: http://www.l0pht.com/advisories/cartfix.exe
Source code: http://www.l0pht.com/advisories/cartfixsrc.zip
Directions:
You must be logged on as administrator to run the program. Press the
browse button and select the directory that contains the cart32 software.
This is usually cgi-bin or scripts. After the directory is selected press
'patch' to patch your cart32 installation.
[ For more advisories check out http://www.l0pht.com/advisories.html ]
L-ZERO-P-H-T
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic