iPlanet, Netscape Enterprise Servers at Risk

By Ryan Naraine
Posted Aug 2, 2002


A vulnerability has been detected in the Web Publisher feature in the iPlanet Enterprise Web Server and Netscape Enterprise Server products that exposes servers to brute force attacks.

To guard against brute force attacks, users must disable Web Publisher and Directory Indexing on external servers.

In an alert issued Friday, the CERT Coordination Center warned that the vulnerabilities could allow attackers to make repeated authentication attempts if a server is configured to use HTTP basic authentication.

While the risk is not greater than any other brute force attack using HTTP basic authentication, this vulnerability may represent an unexpected avenue of attack, the Center warned.

The bug, which was detected by ProCheckup, affects the iPlanet Web Server, Enterprise Edition and Netscape Enterprise Server running on Windows NT-based operating systems.

The security outfit found the Web Publisher feature in those servers contains the wp-force-auth command that initiates an HTTP Basic Authentication dialog. "An attacker may make repeated calls to wp-force-auth in an attempt to guess valid user credentials. Well-known user credentials, such as Administrator or Guest on Windows systems, or root or nobody on Unix/Linux systems, may be subjected to brute-force attacks," it added.

While the exposure created by the bug is no greater than that of any other brute force attack, this vulnerability may represent an "unexpected avenue of attack," CERT warned.

Users of the vulnerable iPlanet server are urged to disable Web Publisher and Directory Indexing on external servers. Alternatively, or in addition, the Netscape Server Application Programming Interface (NSAPI) can be used to filter HTTP traffic to detect and block HTTP requests containing the ?wp-force-auth command.
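For servers where the feature cannot be disabled right away, repeated failed calls to the command can also be spotted in access logs. The following is an added example, not part of the original article or any vendor tooling: it assumes Common Log Format access logs, treats a 401 response as a failed authentication attempt, matches the command case-insensitively, and uses a hypothetical threshold of three failures per client address.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample lines in Common Log Format (not from a real server).
SAMPLE_LOG = """\
203.0.113.7 - - [02/Aug/2002:10:00:01 -0400] "GET /?wp-force-auth HTTP/1.0" 401 223
203.0.113.7 - Administrator [02/Aug/2002:10:00:02 -0400] "GET /?wp-force-auth HTTP/1.0" 401 223
203.0.113.7 - Guest [02/Aug/2002:10:00:03 -0400] "GET /docs/?WP-Force-Auth HTTP/1.0" 401 223
198.51.100.20 - - [02/Aug/2002:10:01:00 -0400] "GET /index.html HTTP/1.0" 200 5120
198.51.100.20 - alice [02/Aug/2002:10:02:00 -0400] "GET /?wp-force-auth HTTP/1.0" 200 900
"""

# host ident user [time] "method target protocol" status bytes
CLF = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')


def wp_force_auth_hits(lines):
    """Return (client_ip, user, status) for each request whose query
    string carries the wp-force-auth command."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # skip lines that are not in the assumed log format
        ip, user, _method, target, status = m.groups()
        # Assumption: match case-insensitively so variants are not missed.
        if "wp-force-auth" in urlsplit(target).query.lower():
            hits.append((ip, user, int(status)))
    return hits


def brute_force_suspects(lines, threshold=3):
    """Map client_ip -> number of 401 responses to wp-force-auth requests,
    keeping only clients at or above the (hypothetical) threshold."""
    failures = Counter(
        ip for ip, _user, status in wp_force_auth_hits(lines) if status == 401
    )
    return {ip: n for ip, n in failures.items() if n >= threshold}


if __name__ == "__main__":
    for ip, n in brute_force_suspects(SAMPLE_LOG.splitlines()).items():
        print(f"{ip}: {n} failed wp-force-auth attempts")
```
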

It's not the first time bugs have been detected in Sun's iPlanet server product. Last month, Sun issued service packs to fix bugs in the search function of its iPlanet Web server.

The buffer overrun vulnerabilities, which were detected by Next Generation Security Software (NGSS), affected versions 4.1 and 6.0 of iPlanet. That flaw allowed remote attackers to run arbitrary code if the search function within the server is enabled. It was described as a high-risk bug.
