CVE-2005-3344
CVSS 10.0
Published: 2005-11-16 02:42:00
Last revised: 2008-09-05 16:54:07

[Original] The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access.


[CNNVD] Debian Horde Default Administrator Blank Password Vulnerability (CNNVD-200511-160)

        Horde is a PHP-based framework for building web applications.
        The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access.

- CVSS (base score)

CVSS score: 10 [Critical (HIGH)]
Confidentiality impact: COMPLETE [total information disclosure; all system files exposed]
Integrity impact: COMPLETE [system integrity can be fully compromised]
Availability impact: COMPLETE [can result in a complete shutdown of the system]
Access complexity: LOW [no special conditions are needed to exploit]
Access vector: [--]
Authentication: NONE [no authentication is required to exploit]

- CPE (affected platforms and products)

Product and version information (CPE) not yet available

- OVAL (technical details for detection)

No matching OVAL definition found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3344
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3344
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200511-160
(official data source) CNNVD

- Other links and resources

http://www.securityfocus.com/bid/15337/
(PATCH)  BID  15337
http://www.debian.org/security/2005/dsa-884
(VENDOR_ADVISORY)  DEBIAN  DSA-884
http://xforce.iss.net/xforce/xfdb/24576
(UNKNOWN)  XF  horde-default-account(24576)
http://www.osvdb.org/24117
(UNKNOWN)  OSVDB  24117
http://www.networkscanning.com/Horde-Default-Admin-Password-Vulnerability-VSS_20171.html
(UNKNOWN)  MISC  http://www.networkscanning.com/Horde-Default-Admin-Password-Vulnerability-VSS_20171.html

- Vulnerability information

Debian Horde Default Administrator Blank Password Vulnerability
Critical  Design error
2005-11-16 00:00:00 2006-08-31 00:00:00
Remote
        Horde is a PHP-based framework for building web applications.
        The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access.

- Advisories and patches

        No data

- Vulnerability information (F41378)

Debian Linux Security Advisory 884-1 (PacketStormID:F41378)
2005-11-08 00:00:00
Debian  security.debian.org
advisory
linux,debian
CVE-2005-3344

Debian Security Advisory DSA 884-1 - Mike O'Connor discovered that the default installation of Horde3 on Debian includes an administrator account without a password. Already configured installations will not be altered by this update.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 884-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
November 7th, 2005                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : horde3
Vulnerability  : design error
Problem type   : remote
Debian-specific: yes
CVE ID         : CVE-2005-3344
Debian Bugs    : 332290 332289

Mike O'Connor discovered that the default installation of Horde3 on
Debian includes an administrator account without a password.  Already
configured installations will not be altered by this update.

The old stable distribution (woody) does not contain horde3 packages.

For the stable distribution (sarge) this problem has been fixed in
version 3.0.4-4sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 3.0.5-2

We recommend that you verify your horde3 admin account if you have
installed Horde3.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/h/horde3/horde3_3.0.4-4sarge1.dsc
      Size/MD5 checksum:      627 cc9b46f4b5a4f4a514ecbc51d9eb3a58
    http://security.debian.org/pool/updates/main/h/horde3/horde3_3.0.4-4sarge1.diff.gz
      Size/MD5 checksum:     6751 b0e7fb95efe86aeb42cfd0b478dd312b
    http://security.debian.org/pool/updates/main/h/horde3/horde3_3.0.4.orig.tar.gz
      Size/MD5 checksum:  3378143 e2221d409ba1c8841ce4ecee981d7b61

  Architecture independent components:

    http://security.debian.org/pool/updates/main/h/horde3/horde3_3.0.4-4sarge1_all.deb
      Size/MD5 checksum:  3432038 671d10d028345c0cfc133cc0504a2d50


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDbxYnW5ql+IAeqTIRAp50AKCu2u8rU/MHoFT+vgl7mRFrEGp8kACgtEBh
NQhwCmoAsCjYCSlFbpsYcrU=
=uGyV
-----END PGP SIGNATURE-----


- Vulnerability information (OSVDB)

24117
Horde Admin Account Default Null Password
Remote / Network Access Authentication Management
Loss of Confidentiality, Loss of Integrity
Exploit Public

- Vulnerability description

By default, Horde installs with a default password if configuration is started but not completed. The admin account has a blank password, which is publicly known and documented. This allows attackers to trivially access the application or the system.

- Timeline

2005-11-07 Unknown
2005-11-07 Unknown

- Solution

If you have a vulnerable Horde 3.0.4 installation on Debian, upgrade to version 3.0.4-4sarge1 or higher, which has been reported to fix this vulnerability. It is also possible to correct the flaw with the following workaround: complete the Horde configuration by configuring an authentication backend.

- Vulnerability information (SecurityFocus)

Debian Horde Default Administrator Password Vulnerability
Design Error  BID 15337
Remote: Yes  Local: No
2005-11-07 12:00:00 2005-11-07 12:00:00
Mike O'Connor is credited with the discovery of this vulnerability. This issue was announced in the referenced Debian advisory.

- Affected program versions

Debian horde 3.0.4
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1

- Vulnerability discussion

The default Horde3 installation for Debian has a blank administrator password.

A local or remote attacker can exploit this vulnerability to gain administrative access to the affected application. This may aid an attacker in further attacks against the underlying system; other attacks are also possible.

This issue is specific to Debian Linux installations of the Horde3 application.

- Exploit

No exploit is required.

- Solution

Debian Linux has released security advisory DSA 884-1 with fixes addressing this issue. Please see the referenced advisory for further information.


Debian horde 3.0.4
