MidnightBSD

Advisories for hosting_controller

CVE-2002-0212 HIGH

The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 1.1
hosting_controller hosting_controller 1.4
hosting_controller hosting_controller 1.3
hosting_controller hosting_controller 1.4.1
hosting_controller hosting_controller 1.4b
CVE-2002-0464 MEDIUM

Directory traversal vulnerability in Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files and directories via a .. (dot dot) in arguments to (1) file_editor.asp, (2) folderactions.asp, or (3) editoractions.asp.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 1.4
hosting_controller hosting_controller 1.4.1
CVE-2002-0465 HIGH

Directory traversal vulnerability in filemanager.asp for Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files, and execute commands, via a .. (dot dot) in the OpenPath parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 1.4
hosting_controller hosting_controller 1.4.1
CVE-2002-0466 MEDIUM

Hosting Controller 1.4.1 and earlier allows remote attackers to browse arbitrary directories via a full C: style pathname in the filepath arguments to (1) Statsbrowse.asp, (2) servubrowse.asp, (3) browsedisk.asp, (4) browsewebalizerexe.asp, or (5) sqlbrowse.asp.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 1.4
hosting_controller hosting_controller 1.4.1
CVE-2002-0772 MEDIUM

Directory traversal vulnerability in dsnmanager.asp for Hosting Controller allows remote attackers to read arbitrary files and directories via a .. (dot dot) in the RootName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 1.1
hosting_controller hosting_controller 1.4
hosting_controller hosting_controller 1.3
hosting_controller hosting_controller 1.4.1
hosting_controller hosting_controller 1.4b
CVE-2002-0773 HIGH

imp_rootdir.asp for Hosting Controller allows remote attackers to copy or delete arbitrary files and directories via a direct request to imp_rootdir.asp and modifying parameters such as (1) ftp, (2) owwwPath, and (3) oftpPath.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 1.1
hosting_controller hosting_controller 1.4
hosting_controller hosting_controller 1.3
hosting_controller hosting_controller 1.4.1
hosting_controller hosting_controller 1.4b
CVE-2002-0774 HIGH

Hosting Controller creates a default user AdvWebadmin with a default password, which could allow remote attackers to gain privileges if the password is not changed.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 1.1
hosting_controller hosting_controller 1.4
hosting_controller hosting_controller 1.3
hosting_controller hosting_controller 1.4.1
hosting_controller hosting_controller 1.4b
CVE-2002-0775 MEDIUM

browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 1.1
hosting_controller hosting_controller 1.4
hosting_controller hosting_controller 1.3
hosting_controller hosting_controller 1.4.1
hosting_controller hosting_controller 1.4b
CVE-2002-0776 HIGH

getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 2002
CVE-2004-1217 MEDIUM

Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.asp or (2) Generalbrowse.asp.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 6.1_hotfix_1.4
hosting_controller hosting_controller 6.1
CVE-2005-0694 MEDIUM

Hosting Controller 6.1 Hotfix 1.7 and earlier stores log files under the web root, which allows remote attackers to obtain sensitive information via a direct request to HCDiskQuotaService.csv.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 1.1
hosting_controller hosting_controller 1.3
hosting_controller hosting_controller 6.1_hotfix_1.4
hosting_controller hosting_controller 1.4.1
hosting_controller hosting_controller 1.4b
hosting_controller hosting_controller 6.1_hotfix_1.7
hosting_controller hosting_controller 6.1
CVE-2005-0695 MEDIUM

The password recovery feature (forgotpassword.asp) in Hosting Controller 6.1 Hotfix 1.7 and earlier allows remote attackers to determine the owner's e-mail address by providing a portion of the domain name to the "login ID" field.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 1.1
hosting_controller hosting_controller 1.3
hosting_controller hosting_controller 6.1_hotfix_1.4
hosting_controller hosting_controller 1.4.1
hosting_controller hosting_controller 1.4b
hosting_controller hosting_controller 6.1_hotfix_1.7
hosting_controller hosting_controller 6.1
CVE-2005-1784 HIGH

Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller *
CVE-2005-1788 HIGH

SQL injection vulnerability in resellerresources.asp in Hosting Controller 6.1 Hotfix 2.0 allows remote attackers to execute arbitrary SQL commands via the jresourceid parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 6.1_hotfix_2.0
CVE-2005-2077 MEDIUM

Cross-site scripting (XSS) vulnerability in error.asp for Hosting Controller allows remote attackers to inject arbitrary web script or HTML via the error parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 1.1
hosting_controller hosting_controller 6.1_hotfix_1.9
hosting_controller hosting_controller 1.4
hosting_controller hosting_controller 1.3
hosting_controller hosting_controller 6.1_hotfix_1.4
hosting_controller hosting_controller 1.4.1
hosting_controller hosting_controller 1.4b
hosting_controller hosting_controller 6.1_hotfix_1.7
hosting_controller hosting_controller 6.1
hosting_controller hosting_controller 6.1_hotfix_2.0
CVE-2005-2219 MEDIUM

Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 6.1_hotfix_2.1
CVE-2005-3038 MEDIUM

Unspecified vulnerability in Hosting Controller 6.1 before Hotfix 2.4 allows remote attackers to list and read contents of arbitrary drives, related to "the PHP vulnerability."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 6.1_hotfix_2.3
CVE-2006-0581 MEDIUM

SQL injection vulnerability in Hosting Controller 6.1 Hotfix 2.8 allows remote authenticated users to execute arbitrary SQL commands via the (1) GatewayID parameter in an add action in AddGatewaySettings.asp and (2) IP parameter in IPManager.asp.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 6.1_hotfix_2.8
CVE-2006-1229 HIGH

SQL injection vulnerability in search.asp in Hosting Controller 6.1 (Hotfix 2.9) allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 6.1_hotfix_2.9
CVE-2006-1620 MEDIUM

admin/accounts/AccountActions.asp in Hosting Controller 2002 RC 1 allows remote attackers to modify passwords of other users, probably via an "Update User" ActionType with a modified UserName parameter and the PassCheck parameter set to TRUE. It was later reported that the vulnerability is present in 6.1 Hotfix 3.3 and earlier.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller *
hosting_controller hosting_controller 2002_rc_1
CVE-2006-1621 MEDIUM

Directory traversal vulnerability in admin/folders/saveuploadfiles.asp in Hosting Controller 2002 RC 1 allows remote authenticated users to overwrite arbitrary files via an absolute path in the OpenPath parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 2002_rc_1
CVE-2006-1764 HIGH

Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 2002
hosting_controller hosting_controller 1.1
hosting_controller hosting_controller 1.4
hosting_controller hosting_controller 6.1_hotfix_1.4
hosting_controller hosting_controller 6.1_hotfix_2.8
hosting_controller hosting_controller 2002_rc_1
hosting_controller hosting_controller 6.1
hosting_controller hosting_controller 6.1_hotfix_2.0
hosting_controller hosting_controller 6.1_hotfix_1.9
hosting_controller hosting_controller 1.3
hosting_controller hosting_controller 6.1_hotfix_2.1
hosting_controller hosting_controller 6.1_hotfix_2.3
hosting_controller hosting_controller 1.4.1
hosting_controller hosting_controller 1.4b
hosting_controller hosting_controller 6.1_hotfix_1.7
hosting_controller hosting_controller *
CVE-2006-3147 MEDIUM

Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix 3.2) allows remote authenticated attackers to gain host admin privileges, list all resellers, or change resellers' passwords via unspecified vectors. NOTE: due to the lack of precise details, it is not clear whether this is related to a previously disclosed issue such as CVE-2005-1788.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
hosting_controller hosting_controller 6.1_hotfix_2.9
hosting_controller hosting_controller 6.1_hotfix_1.9
hosting_controller hosting_controller 6.1_hotfix_2.1
hosting_controller hosting_controller 6.1_hotfix_2.3
hosting_controller hosting_controller 6.1_hotfix_1.4
hosting_controller hosting_controller 6.1_hotfix_1.7
hosting_controller hosting_controller 6.1_hotfix_2.8
hosting_controller hosting_controller 6.1
hosting_controller hosting_controller 6.1_hotfix_2.0