Comments on: CubeCart 4 session management bypass leads to administrator access http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/ Acunetix Web Application Security Blog Fri, 10 Feb 2012 07:58:15 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Acunetix Web Application Security Blog » CubeCart 4 session … | Coder Online http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/#comment-3355 Acunetix Web Application Security Blog » CubeCart 4 session … | Coder Online Mon, 18 Jan 2010 21:32:40 +0000 http://www.acunetix.com/blog/?p=801#comment-3355 [...] Read this article: Acunetix Web Application Security Blog » CubeCart 4 session … [...] [...] Read this article: Acunetix Web Application Security Blog » CubeCart 4 session … [...]

]]> By: CubeCart neglect to inform their customers of critical vulnerability | Online Payment Solutions http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/#comment-3018 CubeCart neglect to inform their customers of critical vulnerability | Online Payment Solutions Tue, 05 Jan 2010 06:21:31 +0000 http://www.acunetix.com/blog/?p=801#comment-3018 [...] installing modules and so on. You can find a detailed description of the vulnerability on the Acunetix blog including a proof of [...] [...] installing modules and so on. You can find a detailed description of the vulnerability on the Acunetix blog including a proof of [...]

]]> By: Nodo54 » Blog Archive » CubeCart 4 session management bypass leads to administrator access http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/#comment-2602 Nodo54 » Blog Archive » CubeCart 4 session management bypass leads to administrator access Wed, 25 Nov 2009 05:57:53 +0000 http://www.acunetix.com/blog/?p=801#comment-2602 [...] Proof of concept and more info: http://www.acunetix.com/blog/ [...] [...] Proof of concept and more info: http://www.acunetix.com/blog/ [...]

]]> By: CubeCart 4 security vulnerability: is your store at risk? | frag (frăg) http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/#comment-2467 CubeCart 4 security vulnerability: is your store at risk? | frag (frăg) Wed, 04 Nov 2009 16:06:36 +0000 http://www.acunetix.com/blog/?p=801#comment-2467 [...] reading on XSS attacks today, I found this recently reported exploint in CubeCart 4 that can gain you administrative access to the [...] [...] reading on XSS attacks today, I found this recently reported exploint in CubeCart 4 that can gain you administrative access to the [...]

]]> By: Warning to anyone running CubeCart - Irish SEO, Marketing & Webmaster Discussion http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/#comment-2441 Warning to anyone running CubeCart - Irish SEO, Marketing & Webmaster Discussion Mon, 02 Nov 2009 11:54:09 +0000 http://www.acunetix.com/blog/?p=801#comment-2441 [...] for administrator users in CubeCart. You can find full details of the vulnerability on the Acunetix blog. Basically you could by-pass the session management and get full administrator access to any [...] [...] for administrator users in CubeCart. You can find full details of the vulnerability on the Acunetix blog. Basically you could by-pass the session management and get full administrator access to any [...]

]]> By: Bogdan Calin http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/#comment-2440 Bogdan Calin Mon, 02 Nov 2009 11:23:14 +0000 http://www.acunetix.com/blog/?p=801#comment-2440 Thanks Dave. I will update the story to mention that CubeCart responded and published information about this vulnerability. Thanks again. Thanks Dave. I will update the story to mention that CubeCart responded and published information about this vulnerability. Thanks again.

]]> By: Dave Lowry http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/#comment-2437 Dave Lowry Mon, 02 Nov 2009 09:50:28 +0000 http://www.acunetix.com/blog/?p=801#comment-2437 Hi Bogdan, Great work on finding this vulnerability and documenting it so well. I did a blog post about the vulnerability after reading your post. <a href="http://www.webpayments.ie/blog/cubecart-neglect-to-inform-their-customers-of-critical-vulnerability.html" title="CubeCart neglect to inform their customers of a critical vulnerability" rel="nofollow"> CubeCart neglect to inform their customers of a critical vulnerability</a> CubeCart have <a href="http://www.webpayments.ie/blog/cubecart-neglect-to-inform-their-customers-of-critical-vulnerability.html#comment-83" title="CubeCart make formal apology on webpayments.ie" rel="nofollow">since responded and made a formal apology on my site.</a> They also posted an apology and notification on their site. I do not think this makes things right but hopefully it will help notify there customers of the problem. Thanks, Dave Hi Bogdan,

Great work on finding this vulnerability and documenting it so well. I did a blog post about the vulnerability after reading your post.

CubeCart neglect to inform their customers of a critical vulnerability

CubeCart have since responded and made a formal apology on my site.

They also posted an apology and notification on their site. I do not think this makes things right but hopefully it will help notify there customers of the problem.

Thanks,
Dave

]]> By: Bogdan Calin http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/#comment-2436 Bogdan Calin Mon, 02 Nov 2009 09:45:29 +0000 http://www.acunetix.com/blog/?p=801#comment-2436 Charlie, this problem is very real. I don't know why you cannot reproduce it. This problem was initially reported to them (CubeCart) and after it was fixed (in 4.3.5), it was published on this blog. So, they reproduced and fixed the problem. Charlie, this problem is very real. I don’t know why you cannot reproduce it.
This problem was initially reported to them (CubeCart) and after it was fixed (in 4.3.5), it was published on this blog. So, they reproduced and fixed the problem.

]]> By: Charlie Smi http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/#comment-2423 Charlie Smi Sun, 01 Nov 2009 17:19:59 +0000 http://www.acunetix.com/blog/?p=801#comment-2423 We are unable to verifiy this problem. Perhaps that is why it was not listed in the changelog? We are unable to verifiy this problem. Perhaps that is why it was not listed in the changelog?

]]> By: News CubeCart 4 session management bypass leads to administrator access | Web 2.0 Designer http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/#comment-2390 News CubeCart 4 session management bypass leads to administrator access | Web 2.0 Designer Fri, 30 Oct 2009 10:12:02 +0000 http://www.acunetix.com/blog/?p=801#comment-2390 [...] Read the original post: CubeCart 4 session management bypass leads to administrator access [...] [...] Read the original post: CubeCart 4 session management bypass leads to administrator access [...]

]]> By: uberVU - social comments http://www.acunetix.com/blog/news/cubecart-4-session-management-bypass-leads-to-administrator-access/#comment-2389 uberVU - social comments Fri, 30 Oct 2009 09:48:28 +0000 http://www.acunetix.com/blog/?p=801#comment-2389 <strong>Social comments and analytics for this post...</strong> This post was mentioned on Twitter by seanmw: RT @ethicalhack3r: (shopping cart used by over a million stores worldwide) session management bypass vulnerability; http://bit.ly/PyyZn... Social comments and analytics for this post…

This post was mentioned on Twitter by seanmw: RT @ethicalhack3r: (shopping cart used by over a million stores worldwide) session management bypass vulnerability; http://bit.ly/PyyZn...

]]>