CVE-2001-1356
CVSS 10.0
Published: 2001-08-04 00:00:00
Revised: 2008-09-05 16:26:20

[Original] NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021.


[CNNVD] SurgeFTP Weak Password Encryption Vulnerability (CNNVD-200108-029)

CVE(CAN) ID: CAN-2001-1356

SurgeFTP is FTP server software published by NetWin for the Windows and UNIX platforms.

Because SurgeFTP encrypts passwords with a weak hash algorithm and a single fixed salt, an attacker can rapidly brute-force the administrator password; moreover, a single password ciphertext may correspond to several different plaintext passwords.

- CVSS (Base Score)

CVSS score: 10 [Severe (HIGH)]
Confidentiality impact: COMPLETE [complete information disclosure, exposing all system files]
Integrity impact: COMPLETE [system integrity can be completely compromised]
Availability impact: COMPLETE [may cause a complete system outage]
Attack complexity: LOW [exploitation has no access restrictions]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]

- CPE (Affected Platforms and Products)

cpe:/a:netwin:surgeftp:2.0e
cpe:/a:netwin:surgeftp:2.0c
cpe:/a:netwin:surgeftp:2.0f
cpe:/a:netwin:surgeftp:2.0d
cpe:/a:netwin:surgeftp:2.0b
cpe:/a:netwin:surgeftp:2.0a

- OVAL (Technical Details for Detection)

No related OVAL definition found

- Official Database Links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1356
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1356
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200108-029
(Official data source) CNNVD

- Other Links and Resources

http://www.securityfocus.com/bid/3157
(VENDOR_ADVISORY)  BID  3157
http://www.iss.net/security_center/static/6961.php
(VENDOR_ADVISORY)  XF  surgeftp-weak-password-encryption(6961)
http://online.securityfocus.com/archive/1/201951
(VENDOR_ADVISORY)  BUGTRAQ  20010804 SurgeFTP admin account bruteforcable

- Vulnerability Information

SurgeFTP Weak Password Encryption Vulnerability
Critical  Design Error
2001-08-04 00:00:00 2005-10-20 00:00:00
Remote

- Advisories and Patches

Vendor patch:

The vendor has not yet provided a patch or upgrade. We recommend that users of this software monitor the vendor's homepage for the latest version:

http://netwinsite.com/

- Vulnerability Information

5560
NetWin SurgeFTP Weak Password Hashing
Remote / Network Access; Authentication Management
Loss of Confidentiality, Loss of Integrity
Exploit Public

- Vulnerability Description

NetWin SurgeFTP contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to SurgeFTP encrypted passwords when a malicious attacker uses brute force password cracking techniques against its single fixed salting method, which may lead to a loss of confidentiality and integrity.

- Timeline

2001-08-04 2001-08-04
2001-08-04 Unknown

- Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- References

- Vulnerability Author

- Vulnerability Information

SurgeFTP Weak Password Encryption Vulnerability
Class: Design Error
Bugtraq ID: 3157
Remote: Yes
Local: No
Published: 2001-08-04 12:00:00
Updated: 2009-07-11 07:56:00
Discovered by ByteRage <byterage@yahoo.com>.

- Affected Program Versions

NetWin SurgeFTP 2.0 f
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
NetWin SurgeFTP 2.0 e
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
NetWin SurgeFTP 2.0 d
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
NetWin SurgeFTP 2.0 c
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0
NetWin SurgeFTP 2.0 b
- Debian Linux 2.2
- Mandriva Linux Mandrake 7.2
- Microsoft Windows 2000 Professional
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- RedHat Linux 7.0
- S.u.S.E. Linux 7.0
- Sun Solaris 8_sparc
- Sun Solaris 7.0
NetWin SurgeFTP 2.0 a
- Debian Linux 2.2
- Mandriva Linux Mandrake 7.2
- Microsoft Windows 2000 Professional
- Microsoft Windows 98
- Microsoft Windows NT 4.0
- RedHat Linux 7.0
- S.u.S.E. Linux 7.0
- Sun Solaris 8_sparc
- Sun Solaris 7.0

- Vulnerability Discussion

SurgeFTP is an ftp server for Windows and Unix platforms offered by NetWin.

SurgeFTP uses weak password hashing that allows for fast brute force cracking of the administrator password. The problem is that a single fixed salting method is used. This narrows the possible hash values and causes some hashes to correspond to multiple passwords.

- Exploit

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- Solution

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- References
