Mercury SiteScope Server Unauthenticated Administrative Access

2002-04-14T00:00:00
ID OSVDB:649
Type osvdb
Reporter OSVDB
Modified 2002-04-14T00:00:00

Description

Vulnerability Description

Many users of Mercury SiteScope Server do not configure authentication settings properly (e.g. no password or a weak password is set). A remote attacker can gain total control over systems running this service, resulting in a loss of confidentiality and/or integrity.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: always use strong password protection and restrict access by IP address.

Short Description

Many users of Mercury SiteScope Server do not configure authentication settings properly (e.g. no password or a weak password is set). A remote attacker can gain total control over systems running this service, resulting in a loss of confidentiality and/or integrity.

Manual Testing Notes

http://[victim]/SiteScope/cgi/go.exe/SiteScope?page=eventLog&machine=&logName=System&account=administrator
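
Added example (not part of the original OSVDB entry and not vendor code): the Python below scans a web access log for requests to the SiteScope CGI path shown above that originate outside an allowlist, as a check on the IP-restriction workaround. The log format (Common Log Format from a web server or proxy in front of SiteScope), the allowlisted network and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# Assumption: networks allowed to reach SiteScope (constructed value).
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]
SITESCOPE_PATH = "/sitescope/cgi/go.exe/sitescope"  # compared case-insensitively
# Common Log Format: client ident user [time] "METHOD target PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines, not taken from a real system.
SAMPLE_LOG = [
    '203.0.113.7 - - [14/Apr/2002:10:01:22 +0000] "GET /SiteScope/cgi/go.exe/SiteScope'
    '?page=eventLog&machine=&logName=System&account=administrator HTTP/1.0" 200 5120',
    '10.20.0.15 - ops [14/Apr/2002:10:02:00 +0000] "GET /SiteScope/cgi/go.exe/SiteScope'
    '?page=eventLog&account=administrator HTTP/1.0" 200 5120',
    '198.51.100.9 - - [14/Apr/2002:10:03:41 +0000] "GET /sitescope/cgi/go.exe/SiteScope'
    '?page=eventLog&account=administrator HTTP/1.0" 401 0',
    '203.0.113.7 - - [14/Apr/2002:10:04:02 +0000] "GET /index.html HTTP/1.0" 200 100',
]

def find_sitescope_hits(lines, allowed_nets=ALLOWED_NETS):
    """Return one finding per SiteScope CGI request from outside allowed_nets."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if url.path.lower() != SITESCOPE_PATH:
            continue
        try:
            src = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # logs with resolved hostnames are not handled here
        if any(src in net for net in allowed_nets):
            continue
        query = parse_qs(url.query, keep_blank_values=True)
        findings.append({
            "src": str(src),
            "page": query.get("page", [""])[0],
            "account": query.get("account", [""])[0],
            "status": int(m["status"]),
            "authenticated": m["user"] != "-",  # "-" means no HTTP user was logged
        })
    return findings
```

A finding with status 200 and `authenticated` set to False from a non-allowlisted source is the case the workaround is meant to prevent.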

References:

Vendor URL: http://www.mercury.com/us/products/application-management/foundation/monitors/sitescope/
Snort Signature ID: 1499
Nessus Plugin ID: 10778