DESCRIPTION<br><br><a href="http://Statcounter.com">Statcounter.com</a> is a popular (Page Rank: 9) web analytics services free and payment for websites with more 250,000 pageloads per mounth.<br><br>VULNERABILITY<br><br>The server where the backup's log of the last three days are situated is bad setted. The access for all directorys by server is free, incluse "utils" directory that contains one script file called "update.sh" inside of which are situated the user and password to enter and download the database log from <a href="http://ip2location.com">ip2location.com</a><br>
<br>this is the path:<br><br><a href="http://67.19.32.211/mc1.statcounter.com/utils/update.sh">http://67.19.32.211/mc1.statcounter.com/utils/update.sh</a><br><br>25/01/08: i have comunicated the vulnerability to Statcounter and they have solved the problem forbidding the page and changing the password.<br>
<br>Anyway i have found a old site contained the same information by a better search, Google has still date into the Cache:<br> <br><a href="http://209.85.135.104/search?q=cache:www.sunmarklsa.com/mc1.statcounter.com/utils/update.sh">http://209.85.135.104/search?q=cache:www.sunmarklsa.com/mc1.statcounter.com/utils/update.sh</a><br>
<br>-- <br>Gianni Amato aka guelfoweb<br><a href="http://www.gianniamato.it/">http://www.gianniamato.it/</a><br><a href="mailto:guelfoweb@gmail.com">guelfoweb@gmail.com</a><br>GnuPG key id: 0x6227ACDF