AnomicHTTPProxy Administration Password Dementia

2004-07-11T03:11:39
ID OSVDB:7713
Type osvdb
Reporter OSVDB
Modified 2004-07-11T03:11:39

Description

Vulnerability Description

AnomicHTTPProxy contains a flaw that may allow a remote attacker to gain administrative privileges. The issue is due to the server forgetting the administrative password during startup. This may present a window for a remote attacker to log into the Proxy and gain full administrative privileges.

Solution Description

Upgrade to version v0.22_build20040711 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

AnomicHTTPProxy contains a flaw that may allow a remote attacker to gain administrative privileges. The issue is due to the server forgetting the administrative password during startup. This may present a window for a remote attacker to log into the Proxy and gain full administrative privileges.

References:

Vendor URL: http://www.anomic.de/AnomicHTTPProxy/ Vendor Specific Advisory URL Related OSVDB ID: 7709 Related OSVDB ID: 7714