Infradig 1.225 for Windows remote security hole - The administration server on port 81 allows anyone to edit accounts, add users, and set all kinds of things.
+++>===] Written by Nemesystm, leader of the DHC [===<+++
++++>==] Visit us at dhc1.cjb.net You want 2 [==<++++
Subject: Infradig 1.225 Security Hole
Description program: Infradig is an HTTP server with a mail daemon, etc.
Description hole: There are no restrictions on the online administration bit of the server software.
<-[what was used]->
Infradig 1.225 for Windows 95/98 downloaded from cnet.com
Installed with the typical installation, no standard settings changed.
This problem worked on: Windows 98 + IE5.0
<-[how to create the problem]->
The administration service runs on port 81 (by default; this can be changed). Connecting to http://www.server.com:81/sysadmin/sysadmin.cgi will let you edit accounts, add users, set all kinds of things like ports, and start services (FTP, etc.).
On the HTTP server, you can go to http://www.server.com/sysadmin/ and it will/should automatically refer you to the administration service.
<-[logs]->
When you go to the administration page, your IP is logged. You can find the logs in programdir\logs.
They also record what you do and what browser you used.
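Because every visit to the administration page is logged with the client IP, those logs can be reviewed for administration requests from addresses that should not be making them. The following Python is an added example, not part of the original advisory or of Infradig; the log line layout, the /mailadmin/ URL prefix and the TRUSTED allow-list are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import unquote

# Assumed layout (Common Log Format plus user agent); adapt LINE_RE to the real files.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<agent>[^"]*)")?'
)
# /sysadmin/ is from the advisory; the /mailadmin/ URL is assumed from the directory name.
ADMIN_PREFIXES = ("/sysadmin/", "/mailadmin/")
TRUSTED = [ipaddress.ip_network("127.0.0.0/8")]  # hypothetical admin allow-list

def is_admin_path(raw_path):
    """Match admin URLs after undoing %xx encoding, case and slash variations."""
    path = unquote(raw_path).replace("\\", "/").lower().split("?", 1)[0]
    path = re.sub(r"/+", "/", path)
    return any(path == p.rstrip("/") or path.startswith(p) for p in ADMIN_PREFIXES)

def find_untrusted_admin_access(lines):
    """Return {client: [(timestamp, method, path, status, agent), ...]}."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not is_admin_path(m["path"]):
            continue
        try:
            addr = ipaddress.ip_address(m["ip"])
        except ValueError:
            addr = None  # unparsable client field: report it rather than trust it
        if addr is not None and any(addr in net for net in TRUSTED):
            continue
        hits[m["ip"]].append(
            (m["ts"], m["method"], m["path"], int(m["status"]), m["agent"] or ""))
    return dict(hits)

# Constructed sample lines using documentation address ranges.
UA = '"Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)"'
SAMPLE = [
    '127.0.0.1 - - [12/Mar/2000:09:58:01 +0000] "GET /sysadmin/sysadmin.cgi HTTP/1.0" 200 1834 ' + UA,
    '203.0.113.7 - - [12/Mar/2000:10:01:22 +0000] "GET /sysadmin/sysadmin.cgi HTTP/1.0" 200 1834 ' + UA,
    '203.0.113.7 - - [12/Mar/2000:10:01:40 +0000] "POST /SysAdmin/sysadmin.cgi HTTP/1.0" 200 512 ' + UA,
    '198.51.100.20 - - [12/Mar/2000:10:05:03 +0000] "GET /index.html HTTP/1.0" 200 2048 ' + UA,
    '198.51.100.20 - - [12/Mar/2000:10:05:09 +0000] "GET /%6Dailadmin/ HTTP/1.0" 200 900 ' + UA,
]

if __name__ == "__main__":
    for ip, events in find_untrusted_admin_access(SAMPLE).items():
        print(ip, len(events), "admin request(s)", [e[2] for e in events])
```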
<-[fix]->
Delete: program dir\inetpub\sysadmin\*.*
program dir\inetpub\mailadmin\*.*
Change all user settings, etc., by right-clicking the server icon in the bottom right corner of the screen and choosing "Manual configure".
Greetz,
nemesystm, leader of the DHC (dhc1.cjb.net)
>>>The End<<<
auto45040@hushmail.com for questions.