List: full-disclosure
Subject: Re: [Full-disclosure] Vulnerabilities in GlobalWoW
From: Ivan Carlos <icarlos () icarlos ! net>
Date: 2011-08-31 20:59:51
Message-ID: A7D185EBDEB9174F9F661B57C80764750563E86827 () VA3DIAXVS611 ! RED001 ! local
C'mon... isn't that (gaming non-licensed server over a patented application) illegal?
Reporting vulns on counterfeit applications is useless.
Ivan Carlos
CISO, Consultant
+55 (11) 8112-0666
www.icarlos.net
-----Original Message-----
From: full-disclosure-bounces@lists.grok.org.uk [mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of MustLive
Sent: Wednesday, August 31, 2011 17:44
To: submissions@packetstormsecurity.org; full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Vulnerabilities in GlobalWoW
Hello list!
I want to warn you about Insufficient Anti-automation and Denial of Service vulnerabilities in GlobalWoW. Also GlobalWow can be included in ArcEmu and WOW Emulator Server.
This is the last of few advisories which I've made in April 2010. In this advisory I continue to inform readers of mailing lists about vulnerable web applications which are using CaptchaSecurityImages.php.
-------------------------
Affected products:
-------------------------
Vulnerable are GlobalWow 3.0.9 and previous versions (and potentially next versions).
Also the next products are affected: ArcEmu and WOW Emulator Server with which GlobalWow can be bundled.
I've already written last year the recommendations about fixing these issues in another advisory of mine concerning vulnerable web application with CaptchaSecurityImages.php. As I wrote earlier (http://www.securityfocus.com/archive/1/511023), developers of CaptchaSecurityImages.php fixed this hole at 27.03.2007. So one of the ways to fix these issues is to use fixed version of the script or to make appropriate changes in com_bookman's version of the script.
----------
Details:
----------
These are Insufficient Anti-automation and Denial of Service vulnerabilities.
The vulnerabilities exist in captcha script CaptchaSecurityImages.php, which is used in this system. I already wrote at my site about vulnerabilities in CaptchaSecurityImages (http://websecurity.com.ua/4043/).
Insufficient Anti-automation (WASC-21):
http://site/acs/CaptchaSecurityImages.php?width=150&height=100&characters=2
Captcha bypass is possible as via half-automated or automated (with using of OCR) methods, which were mentioned before (http://websecurity.com.ua/4043/), as with using of session reusing with constant captcha bypass method (http://websecurity.com.ua/1551/), which was described in project Month of Bugs in Captchas.
DoS (WASC-10):
http://site/acs/CaptchaSecurityImages.php?width=1000&height=9000
With setting of large values of width and height it's possible to create large load at the server.
------------
Timeline:
------------
2010.04.16 - disclosed at my site.
2010.04.17 - informed developers.
2010.04.18 - informed developers on another e-mail.
I mentioned these vulnerabilities at my site (http://websecurity.com.ua/4134/).
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
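
Added example, not part of either message above and not code from CaptchaSecurityImages.php: one way a captcha endpoint can bound the `width`, `height` and `characters` request parameters and make each stored code single-use, covering the two issue classes the advisory names. The function names, the numeric limits and the `security_code` session key are assumptions made for illustration.

```php
<?php
// Added example; helper names, limits and session key are hypothetical.

const CAPTCHA_LIMITS = [
    // parameter => [min, max, default], assumed bounds for illustration
    'width'      => [80, 300, 120],
    'height'     => [30, 100, 40],
    'characters' => [5, 8, 6],
];

/** Return server-enforced captcha parameters from untrusted query input. */
function captcha_params(array $query): array
{
    $out = [];
    foreach (CAPTCHA_LIMITS as $name => [$min, $max, $default]) {
        $value = filter_var(
            $query[$name] ?? null,
            FILTER_VALIDATE_INT,
            ['options' => ['min_range' => $min, 'max_range' => $max]]
        );
        // Missing, non-integer or out-of-range input falls back to the default,
        // so the client can neither shrink the code nor inflate the image.
        $out[$name] = ($value === false) ? $default : $value;
    }
    return $out;
}

/** Check a submitted code once; the stored code is discarded either way. */
function captcha_verify(array &$session, string $submitted): bool
{
    $expected = $session['security_code'] ?? null;
    unset($session['security_code']); // single use: a solved code cannot be replayed
    return is_string($expected) && $expected !== ''
        && hash_equals($expected, $submitted);
}

// Constructed inputs mirroring the two request shapes in the advisory.
var_dump(captcha_params(['width' => '150', 'height' => '100', 'characters' => '2']));
var_dump(captcha_params(['width' => '1000', 'height' => '9000']));

// Constructed session: the same code is submitted twice in a row.
$session = ['security_code' => 'k7m2qx'];
var_dump(captcha_verify($session, 'k7m2qx'));
var_dump(captcha_verify($session, 'k7m2qx'));
```

In a real handler `$session` would be `$_SESSION` and `$query` would be `$_GET`; per-client rate limiting of the image endpoint is a separate control this sketch does not cover.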