Microsoft Site Server UserManager.asp Arbitrary LDAP Modification

2002-01-30T00:00:00
ID OSVDB:17657
Type osvdb
Reporter RFP (rfp@wiretrip.net)
Modified 2002-01-30T00:00:00

Description

Vulnerability Description

Microsoft Site Server contains a flaw that may allow a remote attacker to arbitrarily modify the LDAP configuration. The issue is triggered when the 'UserManager.asp' script is accessed using the 'LDAP_Anonymous' account, which may allow a remote attacker to arbitrarily create, modify and/or delete LDAP users, resulting in a loss of integrity. While not considered critical, this information can lead to more focused and precise attacks.

Technical Description

The patch prevents the 'LDAP_Anonymous' account from accessing these scripts. However, a valid NT account is still able to manipulate the information.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

References:

Vendor URL: http://www.microsoft.com/
Snort Signature ID: 1817
Snort Signature ID: 1818
Security Tracker: 1003420
Related OSVDB ID: 17655, 17658, 17661, 17663, 17664, 17666, 17668, 17656, 17660, 17667, 17669, 831, 17652, 17654, 17670, 17653, 17659, 17662, 17665, 17671
Nessus Plugin ID: 11018
Microsoft Knowledge Base Article: 248840
Mail List Post: http://marc.theaimsgroup.com/?l=vulnwatch&m=101235440104716&w=2