Blahz-DNS 0.2 - Direct Script Call Authentication Bypass
| EKU-ID: 26933 | CVE: CVE-2002-0599;OSVDB-5178 | OSVDB-ID: |
| Author: ppp-design | Published: 2002-04-28 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 26933 | CVE: CVE-2002-0599;OSVDB-5178 | OSVDB-ID: |
| Author: ppp-design | Published: 2002-04-28 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/4618/info Blahz-DNS is a web based management tool for DNS information. It is implemented in PHP, and available for Linux systems. By directly calling scripts included with Blahz-DNS, it is possible to bypass the authentication check, gaining full access to the Blahz-DNS tool. http://www.example.com/dostuff.php?action=modify_user