Team Asylum Security
Copyright (c) 1999 By CyberSpace 2000
http://www.team-asylum.com

Source: Dave M. (davem@cyberspace2000.com)
Advisory Date: 09/16/1999

Affected
--------
All known released versions of the iHTML Merchant for Unix/Windows 95/98/NT.

Product Description
-------------------
iHTML Merchant, written by Inline Internet Systems Inc., is an e-commerce solution programmed in iHTML which allows complicated web programming tasks to be done by anyone with basic knowledge of HTML and their web server of choice. Over 2,700 online merchants run iHTML Merchant. In turn, they can run dozens more stores off that single product. For more details about this product, visit http://www.ihtmlmerchant.com or see Inline's site at http://www.inline.net.

Vulnerability Summary
---------------------
Team Asylum has discovered a vulnerability in iHTML Merchant which would allow a malicious hacker to (at the very least) view the protected files in the website's administrative section, giving the attacker the ability to view credit card information. If the iHTML Merchant is being run on Windows 95/98/NT, the vulnerability is much more severe. The vulnerability exists in how iHTML Merchant parses code. The attacker could:

1) Delete any file on the server.
2) Write a file to any folder on the server.
3) Upload a trojan.
4) Steal credit card numbers and other hidden information.

If the iHTML Merchant is being run on UNIX, the possibility exists that the web site could be altered. These findings reflect the default settings for 95/98/NT and iHTML Merchant.

Fix
---
Below is a temporary fix that can be integrated with iHTML Merchant.

> > For security reasons, your message was not sent.
Please verify that you entered your email address correctly, by going back

Final Notes
-----------
This vulnerability exists because of the way the iHTML Merchant was written but is compounded by faulty NT security settings. Team Asylum has notified Inline Internet Systems but has received no response whatsoever.