CVE-2004-0311
CVSS10.0
发布时间 :2004-11-23 00:00:00
修订时间 :2016-10-17 22:43:36
NMCOS    

[原文]American Power Conversion (APC) Web/SNMP Management SmartSlot Card 3.0 through 3.0.3 and 3.21 are shipped with a default password of TENmanUFactOryPOWER, which allows remote attackers to gain unauthorized access.


[CNNVD]APC SmartSlot Web/SNMP管理卡默认密码漏洞(CNNVD-200411-048)

        
        APC SmartSwitch和UPS包含WEB和SNMP管理卡,允许进行设备控制管理。
        APC SmartSlot Web/SNMP管理接口存在默认密码,远程攻击者可以利用这个漏洞使用此默认密码进行管理。
        APC SmartSlot Web/SNMP管理接口包含默认密码,用户telnet或通过串口连接管理接口,可使用任意用户名并采用TENmanUFactOryPOWER密码,可以访问设备获得EEPROM中的所有内容并控制管理设备。
        

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/h:apc:ap9606:3.0APC WEB SNMP Management Card 9606 Firmware 3.0
cpe:/h:apc:ap9606:3.0.1APC WEB SNMP Management Card 9606 Firmware 3.0.1

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0311
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0311
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200411-048
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=107703696631367&w=2
(UNKNOWN)  BUGTRAQ  20040216 APC 9606 SmartSlot Web/SNMP management card "backdoor"
http://marc.info/?l=bugtraq&m=107721020803565&w=2
(UNKNOWN)  BUGTRAQ  20040219 Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor"
http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=3131&p_created=1077139129
(UNKNOWN)  CONFIRM  http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=3131&p_created=1077139129
http://www.securityfocus.com/bid/9681
(VENDOR_ADVISORY)  BID  9681
http://xforce.iss.net/xforce/xfdb/15238
(VENDOR_ADVISORY)  XF  apc-smartslot-default-password(15238)

- 漏洞信息

APC SmartSlot Web/SNMP管理卡默认密码漏洞
危急 设计错误
2004-11-23 00:00:00 2005-10-20 00:00:00
远程  
        
        APC SmartSwitch和UPS包含WEB和SNMP管理卡,允许进行设备控制管理。
        APC SmartSlot Web/SNMP管理接口存在默认密码,远程攻击者可以利用这个漏洞使用此默认密码进行管理。
        APC SmartSlot Web/SNMP管理接口包含默认密码,用户telnet或通过串口连接管理接口,可使用任意用户名并采用TENmanUFactOryPOWER密码,可以访问设备获得EEPROM中的所有内容并控制管理设备。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 关闭Telnet服务,通过WEB接口管理telnet服务,必须在设备重新启动后才关闭。
        厂商补丁:
        APC
        ---
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        APC WEB/SNMP Management Card (9606) Firmware 3.0:
        APC Upgrade sa2988_patch
        
        http://www.apc.com/go/direct/index.cfm?tag=sa2988_patch

        APC WEB/SNMP Management Card (9606) Firmware 3.0.1:
        APC Upgrade sa2988_patch
        
        http://www.apc.com/go/direct/index.cfm?tag=sa2988_patch

- 漏洞信息

3985
APC SmartSlot Web/SNMP Management Card Default Password
Remote / Network Access Authentication Management, Information Disclosure
Loss of Integrity Change Default Setting
Exploit Public

- 漏洞描述

By default, APC Smartslot Web/SNMP Management Card ships with a default password. An attacker can supply any account name and a password of TENmanUFactOryPOWER which is publicly known and documented. This allows attackers to trivially access the program or system.

- 时间线

2004-02-18 2003-08-12
Unknow Unknow

- 解决方案

Upgrade to latest firmware for your hardware, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

APC SmartSlot Web/SNMP Management Card Default Password Vulnerability
Design Error 9681
Yes No
2004-02-17 12:00:00 2009-07-12 03:06:00
Discovery of this vulnerability has been credited to Dave Tarbatt <bugtraq@always.sniffing.net>.

- 受影响的程序版本

APC WEB/SNMP Management Card (9606) Firmware 3.0.1
APC WEB/SNMP Management Card (9606) Firmware 3.0

- 漏洞讨论

APC SmartSlot Web/SNMP Management Card has been reported prone to a default password vulnerability. This password is reportedly used during initial card configuration, prior to public distribution. It has been reported that an attacker may access any of the affected services, if they are available, by using the default password.

The impact of this issue may be exaggerated if the same authentication credentials are used to access multiple hosts.

- 漏洞利用

A proof of concept demonstration is available in the referenced advisory.

- 解决方案

APC has released a security advisory dealing with this issue. Please see the reference section for more details.


APC WEB/SNMP Management Card (9606) Firmware 3.0

APC WEB/SNMP Management Card (9606) Firmware 3.0.1

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站