CVE-2001-0870
CVSS5.0
发布时间 :2001-12-21 00:00:00
修订时间 :2016-10-17 22:12:38
NMCOS    

[原文]HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2.6.18 is enabled without authentication by default, which allows remote attackers to obtain network monitoring logs with potentially sensitive information by directly requesting the eye.ini file.


[CNNVD]Alchemy Eye系统信息泄漏漏洞(CNNVD-200112-122)

        CVE(CAN) ID: CAN-2001-0870
        
        
        
         Alchemy Eye是一个Windows平台下的网络监控软件,由Alchemy Labs维护。
        
        
        
         Alchemy Eye有一个内建的HTTP服务器,用于监视和控制。这个HTTP服务器默认没有口
        
        令,攻击因此可以连接到服务器查看日志文件,日志文件中可能有一些关于网络结构的信息,
        
        从而有助于其对系统进一步攻击。
        
        
        
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:alchemy_lab:alchemy_eye:1.9
cpe:/a:alchemy_lab:alchemy_eye:2.6
cpe:/a:alchemy_lab:alchemy_eye:2.6.18
cpe:/a:dek_software:alchemy_network_monitor:2.6.18
cpe:/a:alchemy_lab:alchemy_eye:2.4
cpe:/a:alchemy_lab:alchemy_eye:2.5
cpe:/a:alchemy_lab:alchemy_eye:2.2
cpe:/a:alchemy_lab:alchemy_eye:2.3
cpe:/a:alchemy_lab:alchemy_eye:2.0
cpe:/a:alchemy_lab:alchemy_eye:2.1

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0870
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0870
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200112-122
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=100715758109838&w=2
(UNKNOWN)  BUGTRAQ  20011130 Rapid 7 Advisory R7-0002: Alchemy Eye Remote Unauthenticated Log Viewing
http://www.securityfocus.com/bid/3598
(VENDOR_ADVISORY)  BID  3598
http://xforce.iss.net/static/7630.php
(UNKNOWN)  XF  alchemy-http-view-log(7630)

- 漏洞信息

Alchemy Eye系统信息泄漏漏洞
中危 访问验证错误
2001-12-21 00:00:00 2005-10-20 00:00:00
远程  
        CVE(CAN) ID: CAN-2001-0870
        
        
        
         Alchemy Eye是一个Windows平台下的网络监控软件,由Alchemy Labs维护。
        
        
        
         Alchemy Eye有一个内建的HTTP服务器,用于监视和控制。这个HTTP服务器默认没有口
        
        令,攻击因此可以连接到服务器查看日志文件,日志文件中可能有一些关于网络结构的信息,
        
        从而有助于其对系统进一步攻击。
        
        
        
        

- 公告与补丁

        
        
        临时解决方法:
        
        
        
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        
        
        
         * 在选项中禁掉HTTP界面的使用。
        
        
        
         * 控制可以使用HTTP界面的IP范围,或者设置HTTP认证,确信只有可信任的用户可以
        
         访问HTTP管理界面。
        
        
        
        厂商补丁:
        
        
        
        目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商
        
        的主页以获取最新版本:
        
        
        http://www.alchemy-lab.com/products/eye/

- 漏洞信息

11639
Alchemy Eye / Network Monitor HTTP Server eye.ini Unauthenticated Information Disclosure
Information Disclosure
Loss of Confidentiality

- 漏洞描述

Unknown or Incomplete

- 时间线

2001-11-30 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Alchemy Remote Network Log Viewing Vulnerability
Access Validation Error 3598
Yes No
2001-11-29 12:00:00 2009-07-11 09:06:00
This vulnerability was announced in a Rapid 7 Advisory posted to Bugtraq on November 30, 2001.

- 受影响的程序版本

Alchemy Lab Alchemy Eye 2.6.18
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Alchemy Lab Alchemy Eye 2.6
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Alchemy Lab Alchemy Eye 2.5
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Alchemy Lab Alchemy Eye 2.4
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Alchemy Lab Alchemy Eye 2.3
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Alchemy Lab Alchemy Eye 2.2
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Alchemy Lab Alchemy Eye 2.1
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Alchemy Lab Alchemy Eye 2.0
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Alchemy Lab Alchemy Eye 1.9
Alchemy Lab Alchemy Eye 3.0
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Alchemy Lab Alchemy Eye 2.6.19

- 不受影响的程序版本

Alchemy Lab Alchemy Eye 3.0
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Alchemy Lab Alchemy Eye 2.6.19

- 漏洞讨论

Alchemy is a Eye and Alchemy Network Monitor are both products based off the Alchemy Eye network management and server monitoring tool.

Alchemy Eye based products include an HTTP server, which is started by default. However, the web server does not set a password by default. This makes it possible for any user to connect to the web server and view log files. These log files may contain sensitive information about network structure, or other hosts on the network.

This problem makes it possible for a remote user to launch an information gathering attack, and could lead to organized attack against network resources.

- 漏洞利用

No exploit is required for this vulnerability.

- 解决方案

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站