Published: 2005-11-16 02:42:00
Revised: 2017-07-10 21:33:10

[Original] The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access.

[CNNVD] Debian Horde Default Administrator Blank Password Vulnerability (CNNVD-200511-160)

        Horde is a PHP-based framework for building web applications.
        The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access.

- CVSS (base score)

CVSS score: 10 [Critical (HIGH)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)


- OVAL (technical details for detection)


- Official database links
(Official data source) MITRE
(Official data source) NVD
(Official data source) CNNVD

- Other links and resources
(PATCH)  BID  15337
(UNKNOWN)  XF  horde-default-account(24576)

- Vulnerability information

Debian Horde Default Administrator Blank Password Vulnerability
Critical  Design error
2005-11-16 00:00:00 2006-08-31 00:00:00
        Horde is a PHP-based framework for building web applications.
        The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access.

- Advisories and patches


- Vulnerability information (F41378)

Debian Linux Security Advisory 884-1 (PacketStormID:F41378)
2005-11-08 00:00:00

Debian Security Advisory DSA 884-1 - Mike O'Connor discovered that the default installation of Horde3 on Debian includes an administrator account without a password. Already configured installations will not be altered by this update.


--------------------------------------------------------------------------
Debian Security Advisory DSA 884-1                                        Martin Schulze
November 7th, 2005
--------------------------------------------------------------------------

Package        : horde3
Vulnerability  : design error
Problem type   : remote
Debian-specific: yes
CVE ID         : CVE-2005-3344
Debian Bugs    : 332290 332289

Mike O'Connor discovered that the default installation of Horde3 on
Debian includes an administrator account without a password.  Already
configured installations will not be altered by this update.

The old stable distribution (woody) does not contain horde3 packages.

For the stable distribution (sarge) this problem has been fixed in
version 3.0.4-4sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 3.0.5-2.

We recommend that you verify your horde3 admin account if you have
installed Horde3.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
--------------------------------

  Source archives:

  Architecture independent components:

  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show <pkg>' and <pkg>




- Vulnerability information

Horde Admin Account Default Null Password
Remote / Network Access Authentication Management
Loss of Confidentiality, Loss of Integrity
Exploit Public

- Vulnerability description

By default, Horde installs with a default password if configuration is started but not completed. The admin account has a blank password which is publicly known and documented. This allows attackers to trivially access the program or system.

- Timeline

2005-11-07 Unknown
2005-11-07 Unknown

- Solution

If you have a vulnerable Horde 3.0.4 installation for Debian, upgrade to version 3.0.4-4sarge1 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: complete the Horde configuration by configuring an authentication backend.

- References

- Credits

- Vulnerability information

Debian Horde Default Administrator Password Vulnerability
Class: Design Error
Bugtraq ID: 15337
Remote: Yes
Local: No
Published: 2005-11-07 12:00:00
Updated: 2005-11-07 12:00:00
Mike O'Connor is credited with the discovery of this vulnerability. This issue was announced in the referenced Debian advisory.

- Affected software versions

Debian horde 3.0.4
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1

- Vulnerability discussion

The default Horde3 installation for Debian has a blank administrator password.

A local or remote attacker can exploit this vulnerability to gain administrative access to the affected application. This may aid an attacker in further attacks against the underlying system; other attacks are also possible.

This issue is specific to Debian Linux installations of the Horde3 application.

- Exploit

No exploit is required.

- Solution

Debian Linux has released security advisory DSA 884-1 with fixes addressing this issue. Please see the referenced advisory for further information.

Debian horde 3.0.4

- References