Detections
Analytics

CubeCart Admin Authentication Bypass

high Nessus Plugin ID 42353

Language:

Synopsis

A web application running on the remote host has an authentication bypass vulnerability.

Description

The version of CubeCart running on the remote host has an authentication bypass vulnerability. Sending a specially crafted POST request for 'admin.php' bypasses authentication for the administrative user. A remote attacker could exploit this to perform administrative actions such as installing malicious packages or dumping the CubeCart database.

Solution

Upgrade to CubeCart 4.3.5 or later.

See Also

http://www.nessus.org/u?b7755305

https://seclists.org/bugtraq/2009/Oct/302

http://www.nessus.org/u?d6571752

Plugin Details

Severity: High

ID: 42353

File Name: cubecart_admin_auth_bypass.nasl

Version: 1.16

Type: remote

Family: CGI abuses

Published: 11/3/2009

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:cubecart:cubecart

Required KB Items: www/cubecart

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/26/2009

Vulnerability Publication Date: 10/29/2009

Reference Information

CVE: CVE-2009-3904

BID: 36882

CWE: 264