CVE-2008-2044
published 2008-05-01CVE-2008-2044: includes/library.php in netOffice Dwins 1.3 p2 compares the demoSession variable to the 'true' string literal instead of the true boolean literal, which allows…
PriorityP357high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
11.35%
95.4th percentile
includes/library.php in netOffice Dwins 1.3 p2 compares the demoSession variable to the 'true' string literal instead of the true boolean literal, which allows remote attackers to bypass authentication and execute arbitrary code by setting this variable to 1, as demonstrated by uploading a PHP script via an add action to projects_site/uploadfile.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netoffice | dwins | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
fhttpd 0.4.2 - 'un64()' Remote Denial of Service
exploitdb·2008-09-19
CVE-2008-7014 fhttpd 0.4.2 - 'un64()' Remote Denial of Service
fhttpd 0.4.2 - 'un64()' Remote Denial of Service
---
#!/usr/bin/perl
#Jeremy Brown [[email protected]/http://jbrownsec.blogspot.com]
#http://www.fhttpd.org / fhttpd-0.4.2.tar.gz (WARNING: VERY OLD)
#Program received signal SIGSEGV, Segmentation fault.
#0x0804b42d in un64 (s=0x809b2d2 "") at util.cc:69
#69 if(c2!=-2) c3=rptr[3]; else c3=-2;
#(gdb) bt
#0 0x0804b42d in un64 (s=0x809b2d2 "") at util.cc:69
#1 0x080672bf in ControlFTPServerApp::process_get_line (this=0x8089678,
#fhttpd.cc:2044
#3 0x08060190 in Wheel::onepass (this=0x8081338) at sockobj.cc:1953
#4 0x08073c14 in main (argc=1, argv=0xbffff464, env=0xbffff46c) at fhttpd.cc:3645
#One of the near useless bugs found by my fuzzer with http fuzz capabilities
# Crashes with { } | [ ] \ ; : ' " ? , . OR with just a space after Bas
Exploit-DB
NetOffice Dwins 1.3 - Authentication Bypass / Arbitrary File Upload
exploitdb·2008-02-29
CVE-2008-2044 NetOffice Dwins 1.3 - Authentication Bypass / Arbitrary File Upload
NetOffice Dwins 1.3 - Authentication Bypass / Arbitrary File Upload
---
source: https://www.securityfocus.com/bid/28051/info
netOffice Dwins is prone to a vulnerability that allows attackers to bypass authentication as well as a vulnerability that allows attackers to upload arbitrary files. These issues occur because the application fails to adequately sanitize user-supplied input.
Attackers can leverage these issues to gain unauthorized access to the application and to execute arbitrary code in the context of the application.
These issues affect Dwins 1.3 p2; other versions may also be affected.
Upload Form Comments : Upload :
No writeups or analysis indexed.
http://netofficedwins.sourceforge.net/modules/news/article.php?storyid=47http://secunia.com/advisories/29193http://securityreason.com/securityalert/3845http://sourceforge.net/forum/forum.php?forum_id=814851http://www.securityfocus.com/archive/1/488958http://www.securityfocus.com/archive/1/491542/100/0/threadedhttp://www.securityfocus.com/bid/28051http://netofficedwins.sourceforge.net/modules/news/article.php?storyid=47http://secunia.com/advisories/29193http://securityreason.com/securityalert/3845http://sourceforge.net/forum/forum.php?forum_id=814851http://www.securityfocus.com/archive/1/488958http://www.securityfocus.com/archive/1/491542/100/0/threadedhttp://www.securityfocus.com/bid/28051
2008-05-01
Published