[ZendTo] Penetration Test show big security issue
patrick.gaikowski at kaufland.com
patrick.gaikowski at kaufland.com
Thu Jun 16 10:30:47 BST 2011
Hi,
the penetration test in my company shows big issue according "onDemand"
dropoff for non registered users.
foreign user gets dropoff-auth with valid email-address after Recaptcha
user uploads files to Zendto with a non-existing email-address of my
company (for example --> nonexisting at kaufland.com)
user gets dropoff summary
in the source code of dropoff.php you can see the claimid and
claimpasscode as hidden input fields
<form name="deleteDropoff" method="post"
action="https://share.kaufland.com/delete.php">
<input type="hidden" name="claimID" value="JikPnNT7eDMCr9g7"/>
<input type="hidden" name="claimPasscode"
value="YtKuUMXQzcrMkAtd"/>
The foreign user could send the claimid and claimpasscode to a lot of
users, like a filesharing platform!
>From this point of view its a big security issue!
Mit freundlichen Grüßen / Best regards
Patrick Gaikowski
Tel: +49 7132 94 3568
Fax: +49 7132 94 73568
E-Mail: patrick.gaikowski at kaufland.com
KI 967800 IT International / Infrastruktur
Office:
Lindichstrasse 11
D-74189 Weinsberg
http://www.kaufland.de
http://www.spannende-it.de
Wir sind die Nr. 1:
Kaufland ist "Bester Lebensmittelmarkt 2011"!
Kaufland Informationssysteme GmbH & Co. KG
Postfach 12 53 - 74149 Neckarsulm
Kommanditgesellschaft
Sitz: Neckarsulm
Registergericht: Amtsgericht Stuttgart HRA 104163
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20110616/bb206720/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 20220992.gif
Type: image/gif
Size: 27678 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20110616/bb206720/attachment-0001.gif
More information about the ZendTo
mailing list