Info

Disclosure

Nov 23, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

VHCS contains a flaw related to the domain alias management when creating and deleting forwards that may allow an attacker to hijack other users' forwards. No further details have been provided.

Classification

Location: Remote / Network Access
Impact: Loss of Integrity
Exploit: Exploit Unknown

Solution

Upgrade to version 2.4.7 or higher, as it has been reported to fix this vulnerability. In addition, VHCS has released a patch for some older versions.

Products

VHCS Team	VHCS	2.2
		2.4.6.2
		2.4.6
		2.4

References

Secunia Advisory ID: 17704
CVE ID: 2005-3913 (see also: NVD)
Related OSVDB ID: 21060
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0704.html
Vendor URL: http://www.vhcs.net/

Credit

Moritz Naumann - securitymoritz-naumann.com - Moritz Naumann IT Consulting & Services

Direct URL: http://osvdb.org/21061

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

VHCS Team

VHCS

References

Credit