Re: [Full-Disclosure] [Vulnerability] : ProductCart database file can be downloaded remotely

From: Larry W. Cashdollar (lwc_at_vapid.ath.cx)
Date: 07/06/03

  • Next message: Kristian Hermansen: "Re: [Full-Disclosure] Microsoft Cries Wolf ( again )"
    To: <full-disclosure@lists.netsys.com>
    Date: Sun, 6 Jul 2003 11:07:22 -0400 (EDT)
    
    

    949 is a legit zip code in cali.

    On Sat, 5 Jul 2003, KF wrote:

    > Was that legit California data? I am sure that making someone have a
    > nice weekend you just made multiple someones have a shitty month ahead
    > of them...
    > http://www.theregister.co.uk/content/55/31509.html
    >
    > -KF
    >
    > gyrniff wrote:
    >
    > >URL:
    > >http://www.earlyimpact.com/productcart/build_to_order/productcart/pcadmin/Orddetails.asp?id=239
    > >Change the name Paul to Paul'
    > >
    > >Microsoft OLE DB Provider for ODBC Drivers
    > > error '80040e14'
    > >[Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in
    > >query expression ''Paul'',lastName='Smith',customerCompany='Early Impact',
    > >address='3226 Colorado Ave', city='Santa Monica', zip='90004',
    > >stateCode='CA', CountryCode='US', phone='949 452 0062' WHERE idCustomer=115'.
    > >/productcart/build_to_order/productcart/pcadmin/processOrder.asp, line 36
    > >
    > >have a nice weekend ;-)
    > >
    > >On Saturday 05 July 2003 22:07, Tri Huynh wrote:
    > >
    > >
    > >>ProductCart database file can be downloaded remotely
    > >>=================================================
    > >>
    > >>PROGRAM: ProductCart
    > >>HOMEPAGE: http://www.earlyimpact.com/productcart/
    > >>VULNERABLE VERSIONS: 1.0 to 2.0
    > >>RISK: High
    > >>
    > >>
    > >>DESCRIPTION
    > >>=================================================
    > >>
    > >>ProductCart® is an ASP shopping cart that combines sophisticated
    > >>ecommerce features with time-saving store management tools and remarkable
    > >>ease of use. It is widely used by many e-commerce sites.
    > >>
    > >>DETAILS
    > >>=================================================
    > >>
    > >>In the default installation, the ProductCart database file is located at
    > >>/productcart/database/EIPC.mdb, which can be accessed easily
    > >>by any remote attacker.
    > >>
    > >>Sample: http://victimhost/productcart/database/EIPC.mdb
    > >>
    > >>The database file includes the store administration password as well as
    > >>customers' info (including credit card info).
    > >>
    > >>
    > >>WORKAROUND
    > >>=================================================
    > >>
    > >>Rename the database file, put it in a protected directory.
    > >>
    > >>
    > >>CREDITS
    > >>=================================================
    > >>
    > >>Discovered by Tri Huynh from Sentry Union
    > >>
    > >>
    > >>DISCLAIMER
    > >>=================================================
    > >>
    > >>The information within this paper may change without notice. Use of
    > >>this information constitutes acceptance for use in an AS IS condition.
    > >>There are NO warranties with regard to this information. In no event
    > >>shall the author be liable for any damages whatsoever arising out of
    > >>or in connection with the use or spread of this information. Any use
    > >>of this information is at the user's own risk.
    > >>
    > >>
    > >>FEEDBACK
    > >>=================================================
    > >>
    > >>Please send suggestions, updates, and comments to: trihuynh@zeeup.com
    > >>
    > >>
    > >
    > >_______________________________________________
    > >Full-Disclosure - We believe in it.
    > >Charter: http://lists.netsys.com/full-disclosure-charter.html
    > >
    > >
    > >
    >
    >
    >

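The advisory above says the default install leaves EIPC.mdb under the document root and that the fix is to rename it and move it to a protected directory. The following script is an added example (not ProductCart's code and not from anyone in the thread) that a site operator can run against a copy of their own web root: it walks the tree, flags any Jet/Access database files reachable below it, matching both by extension and by the Jet file header so a renamed .mdb is still caught, and checks that a relocated database really sits outside the document root. The directory layout it builds for the demo is constructed sample data; the path /productcart/database/EIPC.mdb is the one from the advisory.

```python
"""Check a web root for a web-reachable Access/Jet database (added example)."""
import os
import tempfile
from pathlib import Path
from typing import List, Tuple

# Extensions Access/Jet uses; .ldb is the lock file and also reveals the db name.
DB_EXTENSIONS = {".mdb", ".accdb", ".ldb"}
# Jet 4 (Access 2000-era) files carry this string right after a 4-byte version field.
JET_MAGIC = b"Standard Jet DB"


def looks_like_jet_db(path: Path) -> bool:
    """True if the file carries the Jet magic header, whatever its name."""
    try:
        with path.open("rb") as fh:
            head = fh.read(32)
    except OSError:
        return False
    return JET_MAGIC in head


def find_exposed_db_files(webroot: str) -> List[str]:
    """Return web-relative paths of database files reachable under the document root."""
    root = Path(webroot).resolve()
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            if p.suffix.lower() in DB_EXTENSIONS or looks_like_jet_db(p):
                hits.append("/" + p.relative_to(root).as_posix())
    return sorted(hits)


def is_outside_webroot(db_path: str, webroot: str) -> bool:
    """True when the database lives outside the document root (the advisory's workaround)."""
    db = Path(db_path).resolve()
    root = Path(webroot).resolve()
    return root not in db.parents


def build_demo_tree() -> Tuple[str, str]:
    """Build a throwaway layout mirroring the default install (constructed sample data).

    Returns (webroot, path_of_relocated_db)."""
    base = Path(tempfile.mkdtemp(prefix="pc_demo_"))
    webroot = base / "wwwroot"
    dbdir = webroot / "productcart" / "database"
    dbdir.mkdir(parents=True)
    jet_header = b"\x00\x01\x00\x00" + JET_MAGIC
    # Default location from the advisory: under the web root, hence downloadable.
    (dbdir / "EIPC.mdb").write_bytes(jet_header)
    # A renamed copy with a harmless-looking extension still has the Jet header.
    (dbdir / "backup.dat").write_bytes(jet_header)
    # An ordinary ASP page, which must not be flagged.
    (webroot / "productcart" / "pcadmin").mkdir()
    (webroot / "productcart" / "pcadmin" / "Orddetails.asp").write_text("<% %>")
    # The relocated database, outside the document root.
    safe = base / "private" / "store.mdb"
    safe.parent.mkdir()
    safe.write_bytes(jet_header)
    return str(webroot), str(safe)


if __name__ == "__main__":
    webroot, safe_db = build_demo_tree()
    for hit in find_exposed_db_files(webroot):
        print("EXPOSED:", hit)
    print("relocated db outside webroot:", is_outside_webroot(safe_db, webroot))
```

Run it with the real document root in place of the demo tree; anything it prints as EXPOSED can be fetched with a plain GET unless the web server is separately configured to refuse it, which is why moving the file out of the document root is the safer half of the workaround.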


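The ODBC error gyrniff quoted shows an UPDATE whose field values were pasted directly into the SQL text, which is why a first name of Paul' splits the statement. This added example (not ProductCart's code and not from anyone in the thread) reproduces that pattern next to the parameterized form that fixes it. SQLite stands in for the Access/ODBC back end; the column names are the ones visible in the quoted error, the table name `customers` and the row contents are constructed for the demo.

```python
"""Concatenated vs parameterized UPDATE on the quoted customer fields (added example)."""
import sqlite3

COLUMNS = ("firstName", "lastName", "customerCompany", "address", "city",
           "zip", "stateCode", "CountryCode", "phone")


def make_db() -> sqlite3.Connection:
    """In-memory customers table with one constructed row, idCustomer=115."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (idCustomer INTEGER PRIMARY KEY, "
                 + ", ".join(f"{c} TEXT" for c in COLUMNS) + ")")
    conn.execute("INSERT INTO customers VALUES (115,'Paul','Smith','Early Impact',"
                 "'3226 Colorado Ave','Santa Monica','90004','CA','US','949 452 0062')")
    return conn


def update_concatenated(conn: sqlite3.Connection, cid: int, fields: dict) -> str:
    """The pattern behind the quoted error: values spliced into the SQL text.

    Returns 'ok', or the driver's error text when the statement no longer parses."""
    assignments = ", ".join(f"{col}='{val}'" for col, val in fields.items())
    sql = f"UPDATE customers SET {assignments} WHERE idCustomer={cid}"
    try:
        conn.execute(sql)
        return "ok"
    except sqlite3.Error as exc:
        return f"error: {exc}"


def update_parameterized(conn: sqlite3.Connection, cid: int, fields: dict) -> str:
    """Hardened form: column names checked against a fixed list, values bound as parameters."""
    unknown = set(fields) - set(COLUMNS)
    if unknown:
        return f"error: unknown columns {sorted(unknown)}"
    assignments = ", ".join(f"{col}=?" for col in fields)
    sql = f"UPDATE customers SET {assignments} WHERE idCustomer=?"
    conn.execute(sql, (*fields.values(), cid))
    return "ok"


def first_name(conn: sqlite3.Connection, cid: int) -> str:
    """Read back the stored first name for a customer."""
    row = conn.execute("SELECT firstName FROM customers WHERE idCustomer=?", (cid,)).fetchone()
    return row[0]


if __name__ == "__main__":
    conn = make_db()
    change = {"firstName": "Paul'", "lastName": "Smith"}
    print("concatenated :", update_concatenated(conn, 115, change))
    print("parameterized:", update_parameterized(conn, 115, change))
    print("stored name  :", first_name(conn, 115))
```

With the concatenated version the quote inside the value ends the string literal early and the driver rejects the statement, which is the error the thread shows; the parameterized version stores Paul' as plain data, and because the column names come from a fixed list rather than the request, neither half of the statement is built from user input.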
