Disclosure Vulnerability in Netscape Web Publisher

Reported January 9, 2001, by Chris Wysopal.

VERSIONS AFFECTED

  • Netscape Enterprise Server 4.0 Service Pack 2 up to 4.1 Service Pack 8 for Windows 2000 and Windows NT

 

DESCRIPTION
A vulnerability exists in a Netscape Enterprise’s Web Publishing that lets an attacker use brute force to access user names and passwords that the system has stored. By using the Web Publishing command “?wp-force-auth in conjunction with an HTTP Get Authorization:Basic Header with Base 64 usernames/passwords, an intruder can obtain a valid username/password combination from the directory.

 

VENDOR RESPONSE

The vendor, iPlanet, acknowledges this vulnerability and has released a knowledge base article on this issue. iPlanet further recommends that affected users disable the Web Publishing and Directory Indexing features on externally accessible systems and add the ?wp-force-auth command to Intrusion Detection System (IDS) patterns.

 

CREDIT
Discovered by Richard Brain.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish