Sun Solaris AnswerBook2 administration interface
| solaris-answerbook2-admin-interface (5069) |  High Risk |
Description:
Sun Solarcould allow an unauthorized user to access the administration interface. Due to improper authentication checking on specific CGI scripts, an unauthorized user could create a new user by passing values to the CGI without being authenticated. An unauthorized user could use this to read files and gain control over content.
Consequences:
Gain Access
Remedy:
Apply the appropriate patch for your system, as listed in Sun Microsystems, Inc. Security Bulletin #00196. See References.
For Sun Solaris:
Upgrade to Answerbook 2 Documentation Server (1.4.2), and apply the appropriate patch for your system, as listed in Sun Alert ID: 23412. See References.
(Sparc)
Solaris 8: 110011-02 or later
(x86 platform)
Solaris 8: 110012-02 or later
As a workaround, refer to Sun Alert ID: 23412 for more information.
For other distributions:
Contact your vendor for upgrade or patch information.
References:
- BugTraq Mailing List, Tue Aug 08 2000 - 02:48:04 CDT: Vulnerabilities in Sun Solaris AnswerBook2 dwhttpd server.
- CIAC Information Bulletin L-031: Sun AnswerBook2 Vulnerability.
- CIAC Information Bulletin O-012: Sun Vulnerability in Solaris "AnswerBook2 Documentation" Server Daemon.
- Sun Alert ID: 23412: Vulnerability in Solaris "AnswerBook2 Documentation" Server Daemon.
- Sun Microsystems, Inc. Security Bulletin #00196: AnswerBook2.
- BID-1554: Solaris AnswerBook2 Administration Interface Access Vulnerability
- CVE-2000-0696: The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.
Platforms Affected:
- Sun Solaris 8
- Sun Solaris AnswerBook2
Reported:
Aug 08, 2000
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net