Zeus Technologies Zeus Web Server Weak Encryption

1999-10-25T00:00:00
ID OSVDB:8186
Type osvdb
Reporter RFP(rfp@wiretrip.net)
Modified 1999-10-25T00:00:00

Description

Vulnerability Description

Zeus Web Server contains a flaw that may lead to unauthorized password exposure. The MD5 hashed passwords in the default file '/usr/local/zeus/admin/website' are stored only base64 encoded, so anyone able to read the file can recover the hashes, which may lead to a loss of confidentiality.

Technical Description

Here is a sample line from the '/usr/local/zeus/admin/website' file:

    modules!access!users!admin yoEPUmukiYLrPvz4jqBeJQ==

Base64-decoding "yoEPUmukiYLrPvz4jqBeJQ==" yields "81ca 520f a46b 8289 3eeb f8fc a08e 255e" (listed with the two bytes of each 16-bit word inverted, as a hex dump on a little-endian host prints them), which is the MD5 hash of the password 'admrox'. The value is an unsalted digest with no secret involved, so base64 is an encoding step, not encryption.
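The decoding step above, worked through as an added example (this is not code from the OSVDB entry or from Zeus): it strips the base64 layer from the quoted 'admin' line, reproduces the advisory's inverted-word listing from the raw bytes, and audits user lines for values that are nothing more than a bare 16-byte MD5 digest. The "key value" line layout and the base64(MD5(password)) storage model are assumptions taken from the single sample line; the reading of "byte inversion" as hexdump-style word display is also an assumption.

```python
import base64
import hashlib

USER_PREFIX = "modules!access!users!"

# The 'admin' line is the one quoted in the advisory; the 'audit' line used
# below is constructed from a known password so the matching step can be shown.
ADVISORY_LINE = "modules!access!users!admin yoEPUmukiYLrPvz4jqBeJQ=="


def encode_stored(password: str) -> str:
    """Assumed storage model from the advisory: base64 of an unsalted MD5 digest."""
    return base64.b64encode(hashlib.md5(password.encode()).digest()).decode()


def decode_stored(value: str) -> bytes:
    """Remove the base64 layer; what remains is the raw 16-byte digest."""
    return base64.b64decode(value)


def hexdump_words(data: bytes) -> str:
    """Render bytes as 16-bit words with the two bytes swapped, the way hexdump
    prints on a little-endian host. From bytes 'ca 81 0f 52 ...' this gives the
    advisory's listing '81ca 520f ...' (assumed meaning of 'byte inversion')."""
    return " ".join(f"{data[i + 1]:02x}{data[i]:02x}" for i in range(0, len(data) - 1, 2))


def password_matches(stored_value: str, candidate: str) -> bool:
    """True when the stored digest is exactly the unsalted MD5 of the candidate."""
    return hashlib.md5(candidate.encode()).digest() == decode_stored(stored_value)


def audit_users(config_text: str) -> list:
    """Flag every user line whose value decodes to a bare 16-byte digest.

    Such entries are recoverable offline by anyone who can read the file, so the
    file needs restrictive permissions and the affected passwords need rotating."""
    findings = []
    for line in config_text.splitlines():
        key, _, value = line.strip().partition(" ")
        if not key.startswith(USER_PREFIX) or not value:
            continue
        digest = decode_stored(value)
        findings.append({"user": key[len(USER_PREFIX):],
                         "raw_md5": len(digest) == 16,
                         "hexdump": hexdump_words(digest)})
    return findings


if __name__ == "__main__":
    sample = ADVISORY_LINE + "\nmodules!access!users!audit " + encode_stored("example") + "\n"
    for finding in audit_users(sample):
        print(finding)
```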

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Zeus Web Server contains a flaw that may lead to unauthorized password exposure. The MD5 hashed passwords in the default file '/usr/local/zeus/admin/website' are stored only base64 encoded, so anyone able to read the file can recover the hashes, which may lead to a loss of confidentiality.

References:

Vendor URL: http://www.zeus.co.uk
Related OSVDB ID: 1126
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1999-q3/1378.html
ISS X-Force ID: 3833
CVE: CVE-1999-0884
Bugtraq ID: 742