a prompt from a netscape 4.1 entrprise server
From: nobody (pentester@yahoo.com)Date: 10/16/02
- Previous message: Patrick MacDanel: "revised data for scoopLM capture"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 16 Oct 2002 07:23:41 -0700 (PDT) From: nobody <pentester@yahoo.com> To: pentest_list <pen-test@securityfocus.com>
I am conducting a pen test on an application that
crosses our firewall - the app is well setup and
protected. Also we only allow port 80 and 443 to cross
the firewall.
While testing the app I was using the @stake web proxy
to alter the contents of the http data stream. With
the http "session" still fresh I changed the ns
browser (4.7) to no longer use the local proxy
127.0.0.1 and instead connect directly to the http
server that runs the app - then I simply hit enter.
I was suprised to get a netscape basic authentication
prompt box with the text
Enter Username for Netscape Entperprise Server at
199.999.99.99:80
Questions ?
1. Does the server owner have to setup any userids to
run this server or is there always a default admin
userid in place on these servers ?
2. The prompt box did not specify any userid - just
the text above. I think I can start password guessing
for the Netscape enterprise server administrator
userid. Any reason I cannot ?
3. Can this prompt be turned off - in other words why
is this prompt going out through the firewall - the
firewall permits only port 80 & 443 - ethereal shows
this traffic is port 80
4. I thought that the admin port for a NS 4.1 server
did not default to port 80 ??
I think that this prompt could be used for password
guessing on the server administrator userid - if the
server has such userid assigned. To me this is a
potential entry into the NS server across the firewall
via port 80 !!
I also found another means to get the same prompt -
making me suspect that the Netscape Server is
misconfigured.
Before I bring this to the attention of the server
admin can anyone answer any of the above questions ?
Reading the NS site docs does not conclusively tell me
that an administrator userid has to exist - and - does
not say (as far as I can find) if there is a way to
prevent this prompt from going out across the firewall
- there must be a way to prevent this in the Netscape
server
all help appreciated
nobody
__________________________________________________
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos & More
http://faith.yahoo.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Patrick MacDanel: "revised data for scoopLM capture"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
