Team Asylum Security
Copyright (c) 1999 By CyberSpace 2000
http://www.team-asylum.com
Source: Dave M. (davem@cyberspace2000.com)
Advisory Date: 09/16/1999

Affected
--------
All known released versions of the iHTML Merchant for Unix/Windows 95/98/NT.

Product Description
-------------------
iHTML Merchant, written by Inline Internet Systems Inc., is an e-commerce 
solution programmed in iHTML which allows complicated web programming tasks 
to be done by anyone with basic knowledge of HTML and their web server of 
choice.  

Over 2,700 online merchants run iHTML Merchant.  In turn, they can run
dozens more stores off that single product.  For more details about
this product, visit http://www.ihtmlmerchant.com or see Inline's site at
http://www.inline.net.

Vulnerability Summary
---------------------
Team Asylum has discovered a vulnerability in iHTML Merchant that would
allow a malicious hacker to (at the very least) view the protected files
in the website's administrative section, giving the attacker the ability
to view credit card information.  If the iHTML Merchant is being run on
Windows 95/98/NT, the vulnerability is much more severe.  The
vulnerability exists in how iHTML Merchant parses code.  The attacker
could:

1) Delete any file on the server.
2) Write a file to any folder on the server.
3) Upload a trojan.
4) Steal credit card numbers and other hidden information.

If the iHTML Merchant is being run on UNIX, the possibility exists that the 
web site could be altered.  These findings reflect the default settings for
95/98/NT and iHTML Merchant.

Fix
---
A fix has been provided by Inline Internet Systems.  You can download
the patches from the following URL:

http://www.ihtmlmerchant.com/support_patches_feedback.htm