Jaws create cookie to bypass authentication
| jaws-cookie-bypass-authentication (16622) |  Medium Risk |
Description:
Jaws could allow a remote attacker to bypass authentication and gain unauthorized administrative access. The attacker could create a specially-crafted cookie and send an HTTP request to the admin.php script to login to Jaws as an administrator, without supplying a password.
Platforms Affected:
- Jaws, Jaws 0.3 BETA
Remedy:
Apply the fix for this vulnerability, available from the Jaws Web site. See References.
Consequences:
Gain Access
References:
- Full-Disclosure Mailing List, Tue Jul 06 2004 - 02:19:48 CDT, Multiples vulnerabilities in JAWS at http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0226.html.
- Jaws Web site, jaws at http://www.jaws.com.mx.
- BID-10670: JAWS Multiple Input Validation Vulnerabilities
- CVE-2004-2443: Jaws 0.3 allows remote attackers to bypass authentication and via an HTTP request to admin.php with the logged cookie set to the MD5 hash of a null password, which is compared against the logged session variable by the logged_on function in application.php.
- OSVDB ID: 7724: JAWS Cookie Manipulation Authentication Bypass
- SECTRACK ID: 1010651: Jaws Errors Let Remote Users View Files and Gain Administrative Access
Reported:
Jul 06, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net