Spinworks Application Server v.3.0 Security advisory

Release date:
11-3-2004

Risk:
Medium

Description:
The Spinworks Application Server allows Python developers to easily create and deploy complex web
applications such as information management sites, online stores, and intranets. Spinworks comes 
with batteries included: Embedded Text Search, SQL Database, Email Client, and Bank Transactions Client.
Spinworks runs on practically all operating systems, including Windows, FreeBSD, OpenBSD, and Linux, is
freely available as an Open Source product, and is written in C++.
 
 
Details:
(1) A vulnerability has been identified in the Spinworks application server that allows a remote user
to successfully crash the server by supplying a '.' in the sid parameter.

Example:
http://[host]:5002/?sid=.

The above URL will successfully crash the server.

(2) The Spinworks application server comes with a number of sample scripts. The first problem is located in
http://[server]:5002/Examples/cart/addcart.html?id=something. The id parameter is not validated against
the values it should accept, so it is possible for a user to add fake products. The same problem exists in:
http://[server]:5002/Examples/instabuy/instabuy.html?id=something
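The following is an added example, not code from the original advisory or from Spinworks itself, showing the kind of parameter validation a deployment would apply before the sid and id values reach session lookup or cart logic: the session id is checked against an allow-list pattern that rejects '.', and the product id against a known catalog. The catalog contents, the token format, the function names and the URLs are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample catalog: the only product ids the shop actually sells.
CATALOG = {"101": "Widget", "102": "Gadget"}

# Assumed session id format: an opaque alphanumeric token of bounded length.
# A '.' or any other path-like character can never match this pattern.
SID_RE = re.compile(r"^[A-Za-z0-9]{8,64}$")


def validate_sid(sid):
    """Return sid if it is a well-formed session token, else None."""
    if sid is None or not SID_RE.fullmatch(sid):
        return None
    return sid


def validate_product_id(pid):
    """Return pid only if it names a product in the catalog, else None."""
    if pid is None or pid not in CATALOG:
        return None
    return pid


def check_request(url):
    """Classify a request URL before dispatching it to the application.

    Returns "ok" when every advisory-relevant parameter (sid, id) is
    acceptable, otherwise a short reason for refusing the request.
    keep_blank_values makes "?sid=" visible so it is rejected too.
    """
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    sid = qs.get("sid", [None])[0]
    pid = qs.get("id", [None])[0]
    if "sid" in qs and validate_sid(sid) is None:
        return "bad sid"
    if "id" in qs and validate_product_id(pid) is None:
        return "unknown product id"
    return "ok"


if __name__ == "__main__":
    for u in ("http://host:5002/?sid=.",
              "http://host:5002/Examples/cart/addcart.html?id=something",
              "http://host:5002/Examples/cart/addcart.html?id=101&sid=abcdefgh"):
        print(u, "->", check_request(u))
```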


Credits:
-------
Vulnerability found by: Dr_insane (dr_insane@pathfinder.gr)
Advisory by: Dr_insane