| CVE-2002-1654 |
|
发布时间 :2002-12-31 00:00:00 | ||
| 修订时间 :2017-07-10 21:29:18 | ||||
| NMCO |
[原文]iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection.
[CNNVD]Netscape企业Web服务器蛮力授权攻击漏洞(CNNVD-200212-596)
iPlanet Web服务器企业版和 Netscape企业版服务器4.0和4.1版本存在漏洞。远程攻击者可以借助wp-force-auth Web Publisher命令执行HTTP基本认证,该漏洞提供不同的攻击向量并可能更容易在无探测时执行暴力密码猜测。
- CVSS (基础分值)
| CVSS分值: | 7.5 | [严重(HIGH)] |
| 机密性影响: | [--] | |
| 完整性影响: | [--] | |
| 可用性影响: | [--] | |
| 攻击复杂度: | [--] | |
| 攻击向量: | [--] | |
| 身份认证: | [--] |
- CPE (受影响的平台与产品)
| cpe:/a:iplanet:iplanet_web_server:enterprise_4.0 | |
| cpe:/a:netscape:enterprise_server:2.0 | Netscape Netscape Enterprise Server 2.0 |
| cpe:/a:netscape:enterprise_server:3.0 | Netscape Netscape Enterprise Server 3.0 |
| cpe:/a:netscape:enterprise_server:3.5 | Netscape Netscape Enterprise Server 3.5 |
| cpe:/a:iplanet:iplanet_web_server:enterprise_4.1 | |
| cpe:/a:netscape:enterprise_server:3.6 | Netscape Netscape Enterprise Server 3.6 |
| cpe:/a:netscape:enterprise_server:3.1 | Netscape Netscape Enterprise Server 3.1 |
| cpe:/a:netscape:enterprise_server:3.2 | Netscape Netscape Enterprise Server 3.2 |
| cpe:/a:iplanet:iplanet_web_server:6.0 | |
| cpe:/a:netscape:enterprise_server:3.3 | Netscape Netscape Enterprise Server 3.3 |
| cpe:/a:netscape:enterprise_server:3.4 | Netscape Netscape Enterprise Server 3.4 |
- OVAL (用于检测的技术细节)
| 未找到相关OVAL定义 |
- 官方数据库链接
- 其它链接及资源
|
http://lists.virus.org/vulnwatch-0201/msg00008.html (PATCH) VULNWATCH 20020109 Netscape publishing wp-force-auth command |
|
http://securitytracker.com/id?1003157 (PATCH) SECTRACK 1003157 |
|
http://www.kb.cert.org/vuls/id/985347 (PATCH) CERT-VN VU#985347 |
|
http://www.kb.cert.org/vuls/id/AAMN-567NFX (UNKNOWN) CONFIRM http://www.kb.cert.org/vuls/id/AAMN-567NFX |
|
http://www.securiteam.com/securitynews/5IP0G0060Q.html (PATCH) MISC http://www.securiteam.com/securitynews/5IP0G0060Q.html |
|
http://www.securityfocus.com/bid/3831 (PATCH) BID 3831 |
|
https://exchange.xforce.ibmcloud.com/vulnerabilities/7845 (UNKNOWN) XF netscape-enterprise-http-brute-force(7845) |
- 漏洞信息
| Netscape企业Web服务器蛮力授权攻击漏洞 | |
| 高危 | 设计错误 |
| 2002-12-31 00:00:00 | 2006-09-05 00:00:00 |
| 远程 | |
| iPlanet Web服务器企业版和 Netscape企业版服务器4.0和4.1版本存在漏洞。远程攻击者可以借助wp-force-auth Web Publisher命令执行HTTP基本认证,该漏洞提供不同的攻击向量并可能更容易在无探测时执行暴力密码猜测。 | |
- 公告与补丁
|
The following solution has been taken from the iPlanet Knowledge Base Article ID: 7764: When you enable web publishing, you should treat the web server as an environment that must be secured. Ensure that users follow proper password policies such as using hard to guess passwords. If intruder detection software is used, it should be configured to check for ?wp-force-auth requests. HTTP basic authentication is generally not considered a secure mechanism and should be run over a SSL-enabled port. In addition, access logs should be monitored for suspicious requests. A better alternative would be to use client certificates, which are much more secure. |
- 漏洞信息
| 13305 | |
| Netscape / iPlanet Web Server ?wp-force-auth Brute Force Weakness | |
- 漏洞描述
Unknown or Incomplete |
- 时间线
| 2002-01-08 | Unknow |
| Unknow | Unknow |
- 解决方案
Unknown or Incomplete |
- 相关参考
|
漏洞作者
| Unknown or Incomplete |
We must accept finite disappointment, but we must never lose infinite hope.