Alexis Server Web access sends sensitive information in plain text
| alexis-http-plaintext-information (7205) |  High Risk |
Description:
Alexis could allow a remote attacker to obtain valid usernames and passwords. The Web access component opens a Java Applet during authentication and transmits the username and password in plain text back to the server on port 8888. If a remote attacker uses a sniffing tool once this information is being transmitted, the attacker can obtain the username and password and gain unauthorized access to voice mail and other services.
Consequences:
Gain Access
Remedy:
No remedy available as of July 9, 2011.
References:
- BugTraq Mailing List, Thu Sep 27 2001 - 18:53:04 CDT: Two problems with Alexis/InternetPBX from COM2001.
- BID-3373: COM2001 Alexis Server Web Access Plaintext Password Vulnerabilty
- CVE-2001-1253: Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.ini file, which could allow local users to make long distance calls as other users.
- CVE-2001-1254: Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing.
Platforms Affected:
- COM2001 Alexis Server 2.0
- COM2001 Alexis Server 2.1
Reported:
Sep 27, 2001
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net