CVE-2007-4240 - Unspecified vulnerability in Help Center Live Help Center Live 2.1.3A
Attack vector | UNKNOWN |
Attack complexity | UNKNOWN |
Privileges required | UNKNOWN |
Confidentiality impact | UNKNOWN |
Integrity impact | UNKNOWN |
Availability impact | UNKNOWN |
help-center-live
nessus
Summary
The check_logout function in class/auth.php in Help Center Live (hcl) 2.1.3a sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to delete administrative users and have other unspecified impact via certain requests to (1) admin/departments.php, (2) admin/operators.php, and other unspecified scripts. NOTE: some of these details are obtained from third party information.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Nessus
NASL family | CGI abuses |
NASL id | HCL_ADMIN_BYPASS.NASL |
description | The remote host is running Help Center Live, an open source, web-based help desk application written in PHP. The version of Help Center Live installed on the remote host has several administrative scripts that fail to exit if called without valid credentials. An unauthenticated attacker may be able to exploit this design flaw to gain administrative control of the application. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25898 |
published | 2007-08-16 |
reporter | This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/25898 |
title | Help Center Live class/auth.php check_logout Function Admin Authentication Bypass |
References
- http://osvdb.org/39400
- http://secunia.com/advisories/26352
- http://www.securityfocus.com/bid/25225
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35833