Backdoor in Cart32 Software
Reported April 27, 2000 by Cerberus Information Security
The Cerberus Security Team has discovered a backdoor in McMurtrey/Whitaker & Associates, Inc"s Cart32 software.The backdoor can be used to gain access to sensitive information such as passwords and credit card information. In addition, arbitrary commands may be run on a remote server, and the administratrive password may be changed without knowledge of the current administrative password.
Within cart32.exe there is a secret backdoor password of "wemilo" that can be found at file offset 0x6204h. The password is known internally to the software as the Cart32Password.
With knowledge of this password an attacker can go
to one of several undocument URLs such
The vendor issued a patch to remove the backdoors.
Discovered and reported by Cerberus Information Security