February | 2009 | Soroush Dalili (@irsdl)

There were some critical vulnerabilities in website of Computer Science Department, University of Birmingham.
Addresses of the website:
www.cs.bham.ac.uk
supportweb.cs.bham.ac.uk

I reported them to the computer support section, and all of them are solved now.
The vulnerabilities were:
1- File uploading attack (In WWW, attacker could upload a php file and execute it.)
2- Directory traversal (In WWW, attacker could see the files and directories of the server and download the web files via the browser)
3- Local file inclusion (In Supportweb, attacker could use LFI techniques to do some malicious works)
4- Critical XSS attack in Gate Keeper’s Login (In Both, attacker could steal all the usernames and passwords of the users by using some simple social engineering techniques.)

Most of these vulnerabilities were because of the old part of the website.

Cheers.

Soroush Dalili (@irsdl) – سروش دلیلی

Web AppSec ninja, a semicolon enthusiast!

Monthly Archives: February 2009

Critical vulnerabilities in the website of my department! … were solved!