Sambar Server默认配置密码加密漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1106452 漏洞类型 未知
发布时间 2001-07-25 更新时间 2005-05-02
CVE编号 CVE-2001-1106 CNNVD-ID CNNVD-200107-175
漏洞平台 Multiple CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/21027
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200107-175
|漏洞详情
SambarServer5及其之前版本的默认配置会使用加密密码二进制程序编译的对称密钥,远程攻击者可以通过破解密钥或修改sambar程序副本来调用译码程序,从而破解所有用户的密码。
|漏洞EXP
source: http://www.securityfocus.com/bid/3095/info

Sambar Server is a multi-threaded HTTP server for Microsoft Windows and Unix systems.

Sambar Server provides insecure default protection for user passwords.

The default password decryption algorithm employs only a single key, built into the server binary. If the key is recovered, user passwords may be extracted.

Compromise of the webserver's passwords could allow a local attacker to compromise the website's design and function, obtain confidential or security-sensitive information which could lead to further compromises of the host.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/21027.zip
|参考资料

来源:BID
名称:3095
链接:http://www.securityfocus.com/bid/3095
来源:XF
名称:sambar-insecure-passwords(6909)
链接:http://xforce.iss.net/static/6909.php
来源:BUGTRAQ
名称:20010725SambarServerpassworddecryption
链接:http://www.securityfocus.com/archive/1/199418