CVE-1999-1508
CVSS 10.0
Published: 1999-11-16 00:00:00
Revised: 2016-10-17 22:05:06

[Original] Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a remote attacker to gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html.


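[CNNVD] Tektronix PhaserLink Web server vulnerability (CNNVD-199911-055)

        The web server on Tektronix PhaserLink Printer 840.0 and earlier versions contains a vulnerability. A remote attacker can gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html.

- CVSS (base score)

CVSS score: 10 [Severe (HIGH)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)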

cpe:/h:tek:phaser_network_printer_930    Tektronix Phaser Network Printer 930
cpe:/h:tek:phaser_network_printer_750dp  Tektronix Phaser Network Printer 750DP
cpe:/h:tek:phaser_network_printer_740    Tektronix Phaser Network Printer 740
cpe:/h:tek:phaser_network_printer_750    Tektronix Phaser Network Printer 750
cpe:/h:tek:phaser_network_printer_840    Tektronix Phaser Network Printer 840

- OVAL (technical details for detection)

No related OVAL definition found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1508
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1508
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-199911-055
(Official data source) CNNVD

- Other links and resources

http://marc.info/?l=bugtraq&m=94286041430870&w=2
(UNKNOWN)  BUGTRAQ  19991116 [Fwd: Printer Vulnerability: Tektronix PhaserLink Webserver gives Administrator Password]
http://www.securityfocus.com/bid/806
(VENDOR_ADVISORY)  BID  806

- Vulnerability information

Tektronix PhaserLink Web server vulnerability
Critical  Access validation error
1999-11-16 00:00:00 2005-10-20 00:00:00
Remote
        The web server on Tektronix PhaserLink Printer 840.0 and earlier versions contains a vulnerability. A remote attacker can gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html.

- Advisories and patches

        1. Block Port 80 access to this printer via a router or firewall. This will prevent access to this software from those outside the network. Also, since very rarely will anyone print from outside the local network, setting the default gateway to be the same as the IP address will keep outside users from exploiting this service.
        2. Disable the PhaserLink Webserver on the printer. This can be accomplished through the control panel, switching the HTTP Protocol to Disabled (Under Printer Configuration | Network Settings | HTTP), but it can also be accomplished via the URL http://printername/ncl_items?SUBJECT=2097, then switch the setting "On" to off.

- Vulnerability information (19632)

Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink Webserver Vulnerability (EDBID:19632)
hardware remote
1999-11-17 Verified
0 Dennis W. Mattison
source: http://www.securityfocus.com/bid/806/info


Certain versions of the Tektronix PhaserLink printer ship with a webserver designed to help facilitate configuration of the device. This service is essentially administrator-level access as it can completely modify the system characteristics, restart the machine, assign services, etc.

In at least one version of this printer there are a series of undocumented URLs which will allow remote users to retrieve the administrator password. Once the password is obtained by the user, they can manipulate the printer in any way they see fit.

To obtain the administrator password:

http://printername/ncl_items.html?SUBJECT=2097 		

- Vulnerability information

113
Tektronix PhaserLink Printer Web Server Direct Request Administrator Access

- Vulnerability description

The Tektronix PhaserLink Printer 930 and earlier web interface allows unauthenticated users to obtain administrator access by accessing restricted URLs directly. An attacker can use this interface to reconfigure the printer or cause a denial of service condition.

- Timeline

1999-11-19 Unknown
1999-11-19 Unknown

- Solution

Use access control to filter incoming traffic to port 80 on this device, or disable the PhaserLink web server on the printer.

- Related references

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

Tektronix PhaserLink Webserver Vulnerability
Access Validation Error 806
Yes No
1999-11-17 12:00:00 2009-07-11 12:56:00
This bug was discovered and posted to the Bugtraq mailing list by Dennis W. Mattison <dwmatt@nosc.mil> on Tue, 16 Nov 1999.

- Affected software versions

Tektronix Phaser Network Printer 930
Tektronix Phaser Network Printer 840
Tektronix Phaser Network Printer 750DP
Tektronix Phaser Network Printer 750
Tektronix Phaser Network Printer 740

- Vulnerability discussion

Certain versions of the Tektronix PhaserLink printer ship with a webserver designed to help facilitate configuration of the device. This service is essentially administrator-level access as it can completely modify the system characteristics, restart the machine, assign services, etc.

In at least one version of this printer there are a series of undocumented URLs which will allow remote users to retrieve the administrator password. Once the password is obtained by the user, they can manipulate the printer in any way they see fit.

- Exploit

To obtain the administrator password:

http://printername/ncl_items.html?SUBJECT=2097

- Solution

1. Block Port 80 access to this printer via a router or firewall. This will prevent access to this software from those outside the network. Also, since very rarely will anyone print from outside the local network, setting the default gateway to be the same as the IP address will keep outside users from exploiting this service.

2. Disable the PhaserLink Webserver on the printer. This can be accomplished through the control panel, switching the HTTP Protocol to Disabled (Under Printer Configuration | Network Settings | HTTP), but it can also be accomplished via the URL http://printername/ncl_items?SUBJECT=2097, then switch the setting "On" to off.

- Related references

 

 
