Cart 32 Vulnerable to Information Leakage and DoS Attack

Reported November 9, 2000 by Xato Network Security

VERSIONS AFFECTED
  • Cart 32 V3.5 and below

DESCRIPTION

Two issues have been discovered with Cart 32 version 3.5 and below.  The first being a denial of service and the second is information leakage via specially crafted URLs.

DEMONSTRATION

The denial of service is accomplished by entering the following url; http://www.example.com/cgi-bin/c32web.exe/ShowProgress

This will cause CPU usage to jump to 100%.

The second issue, information leakage displaying full physical paths of directories can be accomplished with the following URLs; 

http://www.example.com/cgi-bin/cart32.exe/error

http://www.example.com/cgi-bin/c32web.exe/ShowAdminDir

http://www.example.com/cgi-bin/c32web.exe/CheckError?error=53

VENDOR RESPONSE

The Cart 32 team at McMurtrey/Whitaker & Associates has addressed these issues in the latest version 3.5a and has recommended that users read the knowledge base articles provided on their web site. http://www.cart32.com

CREDIT
Discovered by
Xato Network Security

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish