Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum/snitz_forums_2000.mdb.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Snitz_forums_2000 | Snitz_communications | * | 3.4.06 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.0 (including) | 3.0 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.1 (including) | 3.1 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.1-sr4 (including) | 3.1-sr4 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.2.03 (including) | 3.2.03 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.3 (including) | 3.3 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.3.01 (including) | 3.3.01 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.3.02 (including) | 3.3.02 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.3.03 (including) | 3.3.03 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.4.02 (including) | 3.4.02 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.4.03 (including) | 3.4.03 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.4.04 (including) | 3.4.04 (including) |
| Snitz_forums_2000 | Snitz_communications | 3.4.05 (including) | 3.4.05 (including) |
References
- http://hackerscenter.com/archive/view.asp?id=28145
- http://www.packetstormsecurity.org/0801-exploits/snitz-multi.txt
- http://www.securityfocus.com/archive/1/485836/100/200/threaded
- http://www.securityfocus.com/archive/1/485894/100/200/threaded
- http://hackerscenter.com/archive/view.asp?id=28145
- http://www.packetstormsecurity.org/0801-exploits/snitz-multi.txt
- http://www.securityfocus.com/archive/1/485836/100/200/threaded
- http://www.securityfocus.com/archive/1/485894/100/200/threaded