[NT] Xitami Web Server Plaintext Administrator Password Storage
From: support@securiteam.comDate: 06/21/02
- Previous message: support@securiteam.com: "[NEWS] XSS in Audiogalaxy.com"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: Fri, 21 Jun 2002 07:32:07 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Xitami Web Server Plaintext Administrator Password Storage
------------------------------------------------------------------------
SUMMARY
<http://www.imatix.com/> Xitami is a multithreaded Web server. Though
small and simple, Xitami is robust enough to handle high-volume intranets.
Built from the ground up as a high-performance Web server engine, it pumps
data onto the network at top speed. This means that it can serve large
files quickly while handling many simultaneous hits. The vulnerability
manifest itself in the way the product poorly protects its administrator
password.
DETAILS
Vulnerable systems:
* Xitami Web Server version 2.5b4
Any local user could head out to the C:\Xitami directory (where usually
the installation directory sits), and open up the "defaults.aut" a file.
This file has the administrators user/password saved in plain text.
Example:
Here is what the file looks like:
----------------------------
# Created at installation time
#
[/Admin]
bob="lemonhead"
[Private]
Jacky=robusta
----------------------------
ADDITIONAL INFORMATION
The information has been provided by <mailto:shellcode@attbi.com> ace.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[NEWS] XSS in Audiogalaxy.com"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- [TOOL] WebServerFP, Web Server Fingerprint Tool
... HTTP code ... Currently only limited amounts of web server types are
available. ... The information in this bulletin is provided "AS IS" without warranty of
any kind. ... In no event shall we be liable for any damages whatsoever including direct,
indirect, incidental, consequential, loss of business profits or special damages. ... (Securiteam) - [TOOL] Malloc() WebMiner, Web Server File and Directory Enumerator (Miner)
... to our service provider team. ... used to find common web server exposures
and also ... The information in this bulletin is provided "AS IS" without warranty of any
kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect,
incidental, consequential, loss of business profits or special damages. ... (Securiteam) - [NEWS] Xitami CGI Processing Failure Vulnerability
... An error in the way Xitami handles script processing ... iMatix support
was notified 1 month ago, ... The information in this bulletin is provided "AS IS" without
warranty of any kind. ... In no event shall we be liable for any damages whatsoever including
direct, indirect, incidental, consequential, loss of business profits or special damages. ...
(Securiteam) - [NEWS] WebReflex Directory Traversal Vulnerability
... allows remote attackers to traverse beyond the normally bound HTML root ...
directory provided by the web server. ... The information in this bulletin is provided
"AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever
including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
(Securiteam) - [NT] Dinos Web Server Directory Traversal Vulnerability
... The following security advisory is sent to the securiteam mailing list, and can be found at
the SecuriTeam web site: http://www.securiteam.com ... A vulnerability has been discovered
in Dino's web server ... The information in this bulletin is provided "AS IS" without
warranty of any kind. ... In no event shall we be liable for any damages whatsoever including
direct, indirect, incidental, consequential, loss of business profits or special damages. ...
(Securiteam)
