CVE-2002-0114
CVSS4.6
发布时间 :2002-03-25 00:00:00
修订时间 :2012-03-29 21:14:51
NMCOS    

[原文]EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.


[CNNVD]Legato NetWorker明文日志文件漏洞(CNNVD-200203-080)

        
        Legato NetWorker是一个服务器软件包,用来在异种网络之间共享数据、媒体并进行备份。Legato NetWorker可运行一些UNIX变种和Windows NT/2000平台。
        Legato NetWorker存在设计问题,可以使本地攻击者访问到一些敏感信息,比如用户名和口令。
        在Legato NetWorker软件中,一些敏感信息如用户名和口令被放在明文的日志里。默认情况下,日志文件创建时是全局可读的。本地攻击者可以通过查看日志来获得这些信息以取得对网络上其他主机的访问,并有可能提升自己的权限。这个漏洞在6.1版的Legato NetWorker被发现,但很有可能其他版本的Legato NetWorker软件也受影响。
        

- CVSS (基础分值)

CVSS分值: 4.6 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0114
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0114
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200203-080
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/3842
(UNKNOWN)  BID  3842
http://www.iss.net/security_center/static/7898.php
(VENDOR_ADVISORY)  XF  legato-nsrd-log-plaintext(7898)
http://online.securityfocus.com/archive/1/249420
(VENDOR_ADVISORY)  BUGTRAQ  20020110 Legato Vulnerable

- 漏洞信息

Legato NetWorker明文日志文件漏洞
中危 设计错误
2002-03-25 00:00:00 2006-09-21 00:00:00
本地  
        
        Legato NetWorker是一个服务器软件包,用来在异种网络之间共享数据、媒体并进行备份。Legato NetWorker可运行一些UNIX变种和Windows NT/2000平台。
        Legato NetWorker存在设计问题,可以使本地攻击者访问到一些敏感信息,比如用户名和口令。
        在Legato NetWorker软件中,一些敏感信息如用户名和口令被放在明文的日志里。默认情况下,日志文件创建时是全局可读的。本地攻击者可以通过查看日志来获得这些信息以取得对网络上其他主机的访问,并有可能提升自己的权限。这个漏洞在6.1版的Legato NetWorker被发现,但很有可能其他版本的Legato NetWorker软件也受影响。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 在Unix系统中设置日志目录/nsr/logs到700属性。
        厂商补丁:
        Legato
        ------
        目前厂商已经在6.1.1版本的软件中修补了这个漏洞,我们建议使用此软件的用户到厂商的主页获取最新版本:
        
        http://www.legato.com/

- 漏洞信息

14328
Legato NetWorker daemon.log Cleartext Password Disclosure
Cryptographic, Information Disclosure
Loss of Confidentiality

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-01-10 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Legato NetWorker Plaintext Log File Vulnerability
Design Error 3842
No Yes
2002-01-10 12:00:00 2009-07-11 09:56:00
This vulnerability was discovered by "Venkatesh babu Sira" <vsira@hotmail.com> and submitted to BugTraq on January 10th, 2002.

- 受影响的程序版本

Legato NetWorker 6.1
- Compaq Tru64 5.1
- Compaq Tru64 5.0 a
- Compaq Tru64 4.0 g
- HP HP-UX 11.0
- HP HP-UX 10.30
- HP HP-UX 10.20
- IBM AIX 4.3.3
- IBM AIX 4.3.2
- IBM AIX 4.3.1
- IBM AIX 4.3
- Microsoft Windows 2000 Professional
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Novell Netware 5.1
- Novell Netware 5.0
- Novell Netware 4.11
- Sun Solaris 8_sparc
- Sun Solaris 7.0
- Sun Solaris 2.6

- 漏洞讨论

Legato NetWorker is a server package designed to help share data, media and backup processes across a heterogeneous network. The Legato NetWorker server will run on a number of Unix variants, as well as Microsoft Windows NT/2000 systems.

Extremely sensitive information is stored in plaintext in logs, such as authentication credentials (username/password) for systems that have been backed up. A local attacker able to peruse the contents of the log files may be able to use such information to gain access to other hosts on the network, possibly with elevated privileges.

This issue is further compounded by the fact Legato NetWorker, by default, creates log files with world-readable permissions. This additional vulnerability is described in BugTraq ID 3840 "Legato NetWorker Insecure Log Permissions Vulnerability".

This vulnerability was discovered in Legato NetWorker 6.1 and has not been confirmed with other versions. However, the possibility that other versions are affected shouldn't be ruled out.

- 漏洞利用

There is no exploit code required.

- 解决方案

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站