Web Hosting Talk






PDA

View Full Version : == RaQ 550 Security alert Please Read ==

benwell
09-27-2003, 07:28 PM
I have noticed a security risk within the RaQ 550 Control Panel of which a virtual site administration once logged into the control panel can replace the site number and site name in the url and gain access to the setting for other virtual sites on the server

Example

http://www.mydomain:444/nav/cList.php?root=sitemanageRoot&group=site6&hostname=www.client-domain.co.uk&goto=base_userList

the same user can now log in

alter the above link to

http://www.mydomain:444/nav/cList.php?root=sitemanageRoot&group=site2&hostname=www.cobalt.co.uk&goto=base_userList

And the user of which belongs to site 6 may now also take full control of site2

Why do cobalt release such a server which is very weak on security of which they had it mastered on the other system such as Raq 3,4 etc

I hope cobalt know of this problem and release a fix


All of your views and help with this matter would be much welcomed
-Edward-
09-28-2003, 04:44 AM
Why not just place a .htaccess file in that directory? would of thought that was an easy enough fix.
benwell
09-28-2003, 04:55 AM
what would i put in the htaccess file. Also this must afffect all users but still leave the Admin's with full access to the control panel


Originally posted by Technics
Why not just place a .htaccess file in that directory? would of thought that was an easy enough fix.
-Edward-
09-28-2003, 06:38 AM
not familar with the RAQ550 directory structure so i dun't know.

But i have noticed you can't access that page without an active session.
giza
10-08-2003, 10:52 PM
I found how to solve this problem
http://cobalt-forum.sun.com/forum/index.php?t=msg&th=2901&rid=&S=60c717979505a0758296bd93be3d855b&pl_view=&start=0#msg_92522

but wondering why Sun didn't release offical patch for this problem? (.pkg)
benwell
10-09-2003, 04:22 AM
Hi thanks for that link.

I have done has it says. and wow it fixed the problem.

funny that Sun did not know of the issue. RaQ 550 have been around for a good year now and that sort of problem should of been noticed in the testing stage even before the release of the servers. I know for sure when i got the RaQ 550 that was one of the first i tested has i noticed they moved from the cgi control panel to PHP. and i somehow know there was going to be a security issue somewhere

Thanks again for this solution to one of the many we are all faced with by sun mistakes

:)