[VIM] Re: IMOEL CMS Sql password discovery (fwd)

Matthew Murphy mattmurphy at kc.rr.com
Tue Dec 13 23:50:03 EST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Steven M. Christey wrote:
> 
> ---------- Forwarded message ----------
> Date: Tue, 13 Dec 2005 23:23:30 -0500 (EST)
> From: Steven M. Christey <coley at mitre.org>
> To: silversmith at ashiyane.com
> Cc: bugtraq at securityfocus.com
> Subject: Re: IMOEL CMS Sql password discovery
> 
> 
> Hello,
> 
> 
>>IMOEL CMS has the weakness to download the plain text sql password in
>>the setting.php file
>>
>>*/*************************************
>>$setting['host']['username'] = 'sqlusername';
>>$setting['host']['password'] = 'sqlpassword';
>>
>>***************************************

The only case where that is an issue is if the file is disclosed in its
entirety.  The executed file will not reveal the password.  At best, it
is a weakness, and not an independent vulnerability.  I'd classify it as
a non-issue, because the APIs for authenticating to mysql DBs, AFAIK,
all require plain passwords.  There's not much the script author could
do about this, other than using (reversible) encryption, which would
cost a cracker a few extra seconds.

- --
"Social Darwinism: Try to make something idiot-proof,
nature will provide you with a better idiot."

                                -- Michael Holstein
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDn6R6fp4vUrVETTgRA0/GAKC2MGizutGDfKhRdIgWb5FjIA5f1QCfR4Az
feNngMD/GHmHVxf4W65i2gs=
=vezr
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3436 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.attrition.org/pipermail/vim/attachments/20051213/29d4ca48/smime.bin


More information about the VIM mailing list