Find Bug in your website
maulik shah
shahmaulik120 at gmail.com
Sun Sep 29 13:16:36 EDT 2013
Password transmitted over HTTP
URL :- http://pidgin.im/cgi-bin/mailman/listinfo/support
From Target Action:- ../subscribe/support
Impact
If an attacker can intercept network traffic, he/she can steal users'
credentials.
HTTP Request
GET /cgi-bin/mailman/listinfo/support HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Referer: http://pidgin.im/support/
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
X-Scanner: Netsparker
Accept-Language: en-us,en;q=0.5
Host: pidgin.im
Accept-Encoding: gzip, deflate
HTTP Response
HTTP/1.1 200 OK
Date: Sun, 29 Sep 2013 17:11:30 GMT
Transfer-Encoding: chunked
Cache-control: no-cache
Server: lighttpd
Content-Type: text/html; charset=us-ascii
<!-- $Revision: 5865 $ -->
<HTML>
<HEAD>
<TITLE>Support Info Page</TITLE>
</HEAD>
<BODY>
<P>
<TABLE COLS="1" BORDER="0" CELLSPACING="4" CELLPADDING="5">
<TR>
<TD COLSPAN="2" WIDTH="100%" BGCOLOR="#99CCFF" ALIGN="CENTER">
<B><FONT COLOR="#000000" SIZE="+1">Support --
End-user support for Pidgin, Finch and libpurple</FONT></B>
</TD>
</TR>
<tr>
<td colspan="2">
<p>
</td>
</tr>
<tr>
<TD COLSPAN="1" WIDTH="100%" BGCOLOR="#FFF0D0">
<B><FONT COLOR="#000000">About Support</FONT></B>
</TD>
<TD COLSPAN="1" WIDTH="100%" BGCOLOR="#FFF0D0">
<FORM Method=POST ACTION="../listinfo/support"> English (USA)
</FORM>
<FORM Method=POST ACTION="../subscribe/support">
</TD>
</TR>
<tr>
<td colspan="2">
<P style="border: 1px dotted #0000ff; padding: 0.4em;"><!---->For general
support questions about using Finch, Pidgin, or libpurple.
<br>
<br>Please check the <a href="http://developer.pidgin.im/wiki/FAQ">FAQ</a>
and our <a href="http://developer.pidgin.im/search">bug tracking system</a>
to make sure your issue isn't already known.
<br>
<br>THIS LIST IS PUBLIC! Any information you send here will be visible to
the world forever. DO NOT SEND PASSWORDS.<!----></P>
<p> To see the collection of prior postings to the list,
visit the <a href="http://pidgin.im/pipermail/support/">Support
Archives</a>.
</p>
</TD>
</TR>
<TR>
<TD COLSPAN="2" WIDTH="100%" BGCOLOR="#FFF0D0">
<B><FONT COLOR="#000000">Using Support</FONT></B>
</TD>
</TR>
<tr>
<td colspan="2">
To post a message to all the list members, send email to
<A HREF="mailto:support at pidgin.im">support at pidgin.im</A>.
<p>You can subscribe to the list, or change your existing
subscription, in the sections below.
</td>
</tr>
<TR>
<TD COLSPAN="2" WIDTH="100%" BGCOLOR="#FFF0D0">
<B><FONT COLOR="#000000">Subscribing to Support</FONT></B>
</TD>
</TR>
<tr>
<td colspan="2">
<P>
Subscribe to Support by filling out the following
form.
<ul>
You will be sent email requesting confirmation, to
prevent others from gratuitously subscribing you. This is a
hidden list, which means that the
list of members is available only to the list administrator.
<TABLE BORDER="0" CELLSPACING="2" CELLPADDING="2"
WIDTH="70%" HEIGHT= "112">
<TR>
<TD BGCOLOR="#dddddd" WIDTH="55%">Your email address:</TD>
<TD WIDTH="33%"><INPUT type="Text" name="email" size="30" value="">
</TD>
<TD WIDTH="12%"> </TD></TR>
<tr>
<td bgcolor="#dddddd" width="55%">Your name (optional):</td>
<td width="33%"><INPUT type="Text" name="fullname" size="30"
value=""></td>
<TD WIDTH="12%"> </TD></TR>
<TR>
<TD COLSPAN="3"><FONT SIZE=-1>You may enter a
privacy password below. This provides only mild security,
but should prevent others from messing with your
subscription. <b>Do not use a valuable password</b> as
it will occasionally be emailed back to you in cleartext.
<p>If you choose not to enter a password, one will be
automatically generated for you, and it will be sent to
you once you've confirmed your subscription. You can
always request a mail-back of your password when you edit
your personal options.
</TD>
</TR>
<TR>
<TD BGCOLOR="#dddddd">Pick a password:</TD>
<TD><INPUT type="Password" name="pw" size="15"></TD>
<TD> </TD></TR>
<TR>
<TD BGCOLOR="#dddddd">Reenter password to confirm:</TD>
<TD><INPUT type="Password" name="pw-conf" size="15"></TD>
<TD> </TD></TR>
<tr>
<TD BGCOLOR="#dddddd">Which language do you prefer to display your
messages?</TD>
<TD> English (USA)</TD>
<TD> </TD></TR>
<tr>
<td>Would you like to receive list mail batched in a daily
digest?
</td>
<td><input type=radio name="digest" value="0" CHECKED> No
<input type=radio name="digest" value="1"> Yes
</TD>
</tr>
<tr>
<td colspan="3">
<center><INPUT type="Submit" name="email-button"
value="Subscribe"></P></center>
</TABLE>
</FORM>
</ul>
</td>
</tr>
<TR>
<TD COLSPAN="2" WIDTH="100%" BGCOLOR="#FFF0D0">
<a name="subscribers">
<B><FONT COLOR="#000000">Support Subscribers</FONT></B></a>
</TD>
</TR>
<tr>
<TD COLSPAN="2" WIDTH="100%">
<FORM Method=POST ACTION="../roster/support">
<INPUT name="language" type="HIDDEN" value="en" >(<i>The subscribers list
is only available to the list
administrator.</i>) <p>Enter your admin address and password to
visit the subscribers list: <p><center> Admin address: <INPUT type="Text"
name="roster-email" size="20" value="">Password: <INPUT type="Password"
name="roster-pw" size="15"> <INPUT name="SubscriberRoster"
type="SUBMIT" value="Visit Subscriber List" ></center>
</FORM>
<p>
<FORM Method=POST ACTION="../options/support">
To unsubscribe from Support, get a password reminder,
or change your subscription options enter your subscription
email address:
<p><center> <INPUT name="email" type="TEXT" value="" size="30" >
<INPUT name="UserOptions" type="SUBMIT" value="Unsubscribe or edit
options" ><INPUT name="language" type="HIDDEN" value="en" ></center> If you
leave the field blank, you will be prompted for
your email address
</FORM>
</td>
</tr>
</table>
<hr><address><a href="../listinfo/support">Support</a> list run by <a
href="mailto:support-owner at pidgin.im">lschiere at pidgin.im, mark at
kingant.net, seanegan at pidgin.im</a><br><a
href="../admin/support">Support administrative interface</a> (requires
authorization)<br><a href="../listinfo">Overview of all pidgin.im mailing
lists</a><p>
<table WIDTH="100%" BORDER="0">
<tr>
<td><a href="http://www.gnu.org/software/mailman/index.html"><img
src="/images/mailman/mailman.jpg" alt="Delivered by Mailman" border="0"
/><br>version 2.1.15</a></td>
<td><a href="http://www.python.org/"><img
src="/images/mailman/PythonPowered.png" alt="Python Powered" border="0"
/></a></td>
<td><a href="http://www.gnu.org/"><img
src="/images/mailman/gnu-head-tiny.jpg" alt="GNU's Not Unix" border="0"
/></a></td>
<td><a href="http://www.debian.org/"><img
src="/images/mailman/debianpowered.png" alt="Debian Powered" border="0"
/></a></td>
</tr>
</table>
</address>
</BODY>
</HTML>
Regards
Maulik Shah
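The scanner finding above boils down to one check: a form that carries an input of type "password" whose resolved action URL is not https://. The script below is an added example (not part of the report, not Netsparker's logic and not Mailman code) that performs that check over a page's HTML. It parses every form, resolves each action against the page URL exactly as a browser would, and reports the ones that would submit a password field in cleartext. The embedded sample is a constructed, trimmed copy of the listinfo page's forms from the response above, plus one hypothetical https:// form added to show that a TLS target is not flagged; the function name and the sample URL are assumptions of this example.

```python
"""Flag HTML forms that would submit a password over plain HTTP.

Added example; not code from the original report, from Netsparker or from
Mailman.  Only the standard library is used.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormCollector(HTMLParser):
    """Record, for every <form>, its action, method and password field names."""

    def __init__(self):
        super().__init__()
        self.forms = []       # one dict per form in document order
        self._current = None  # form currently being parsed, if any

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names; values may be None.
        attrs = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._current = {
                "action": attrs.get("action", ""),
                "method": attrs.get("method", "GET").upper(),
                "password_fields": [],
            }
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if attrs.get("type", "text").lower() == "password":
                self._current["password_fields"].append(attrs.get("name", ""))

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def find_cleartext_password_forms(page_url, html):
    """Return (resolved_action, method, [password field names]) per finding.

    A form is reported when it contains at least one password input and its
    action, resolved against page_url, does not use the https scheme.  A form
    on an http:// page that posts to https:// is not reported: the credential
    itself travels encrypted (the page remains spoofable, but that is a
    separate finding).
    """
    parser = _FormCollector()
    parser.feed(html)
    findings = []
    for form in parser.forms:
        if not form["password_fields"]:
            continue
        target = urljoin(page_url, form["action"])
        if urlsplit(target).scheme.lower() != "https":
            findings.append((target, form["method"], form["password_fields"]))
    return findings


# Constructed sample: the forms from the listinfo response above, trimmed to
# their inputs, plus one hypothetical https:// form that must not be flagged.
SAMPLE_URL = "http://pidgin.im/cgi-bin/mailman/listinfo/support"
SAMPLE_HTML = """
<FORM Method=POST ACTION="../listinfo/support"> English (USA) </FORM>
<FORM Method=POST ACTION="../subscribe/support">
<INPUT type="Text" name="email" size="30" value="">
<INPUT type="Password" name="pw" size="15">
<INPUT type="Password" name="pw-conf" size="15">
<INPUT type="Submit" name="email-button" value="Subscribe">
</FORM>
<FORM Method=POST ACTION="../roster/support">
<INPUT type="Text" name="roster-email" size="20" value="">
<INPUT type="Password" name="roster-pw" size="15">
</FORM>
<FORM Method=POST ACTION="../options/support">
<INPUT name="email" type="TEXT" value="" size="30">
</FORM>
<form method="post" action="https://pidgin.im/cgi-bin/mailman/subscribe/support">
<input type="password" name="pw">
</form>
"""

if __name__ == "__main__":
    for action, method, fields in find_cleartext_password_forms(SAMPLE_URL, SAMPLE_HTML):
        print(f"{method} {action} sends password field(s) {fields} without TLS")
```

Run against the sample, it reports the subscribe form (fields pw and pw-conf) and the roster form (roster-pw); the listinfo and options forms have no password input and the https:// form is skipped. The fix on the server side is the one this check implies: serve the listinfo page over TLS and have the form actions resolve to https:// (redirecting http:// to https:// and sending a Strict-Transport-Security header keeps later visits from falling back).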
More information about the security mailing list