Abyss Web Server Crafted Filename Request Authentication Bypass

2002-08-22T00:00:00
ID OSVDB:3287
Type osvdb
Reporter Luigi Auriemma(aluigi@autistici.org)
Modified 2002-08-22T00:00:00

Description

Vulnerability Description

Abyss Web Server contains a flaw that may allow a remote attacker to bypass administration settings. By sending a specially crafted URL containing '+' characters to the configuration files, it is possible for a remote attacker to bypass administration settings resulting in a loss of integrity.

Solution Description

Upgrade to version 1.0.3 (patch 3) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Abyss Web Server contains a flaw that may allow a remote attacker to bypass administration settings. By sending a specially crafted URL containing '+' characters to the configuration files, it is possible for a remote attacker to bypass administration settings resulting in a loss of integrity.

Manual Testing Notes

http://[victim]:9999/srvstatus.chl+ http://[victim]:9999/general.chl+ http://[victim]:9999/consport.chl+ http://[victim]:9999/conspass.chl+

References:

Vendor URL: http://www.aprelium.com/ Vendor Specific Solution URL: http://www.aprelium.com/news/patch1033.html Security Tracker: 1005126 Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html Other Advisory URL: http://aluigi.altervista.org/adv/abyss-adv.txt ISS X-Force ID: 9957 CVE-2002-1080