Greymatter "gmrightclick" allows remote attacker to obtain usernames and passwords

greymatter-gmrightclick-account-information (8277) The risk level is classified as MediumMedium Risk


Greymatter could allow a remote attacker to obtain account information. A remote attacker can find a vulnerable site running Greymatter by searching the Web for a "gmrightclick" file. This would allow the attacker to obtain usernames and passwords by downloading the "gmrightclick" file from the vulnerable Greymatter site.


Obtain Information


No remedy available as of September 1, 2014.


  • BugTraq Mailing List, Sun Feb 24 2002 - 17:26:12 CST: Greymatter 1.21c and earlier - remote login/pass exposure.
  • Greymatter Web site: Greymatter - Weblog/Journal Software.
  • BID-4169: Noah Grey Greymatter IE Bookmarklet Account Compromise Vulnerability
  • CVE-2002-0324: Greymatter 1.21c and earlier with the Bookmarklet feature enabled allows remote attackers to read a cleartext password and gain administrative privileges by guessing the name of a gmrightclick-*.reg file which contains the administrator name and password in cleartext, then retrieving the file from the web server before the Greymatter administrator performs a Clear And Exit action.
  • OSVDB ID: 4081: Greymatter Remote Admin Account Compromise

Platforms Affected:

  • Noah Grey Greymatter 1.21c and prior


Feb 24, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page