Network Associates Net Tools PKI Server 1.0 Unauthenticated Access Vulnerability
BID:1364
Info
| Bugtraq ID: | 1364 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Jun 19 2000 12:00AM |
| Updated: | Jun 19 2000 12:00AM |
| Credit: | Posted to Bugtraq on June 19, 2000 by Jim Stickley <[email protected]>. |
| Vulnerable: | Network Associates Net Tools PKI Server 1.0 |
| Not Vulnerable: | |
Discussion
The Xcert Universal Database API (XUDA) templates that are included with Network Associates Net Tools PKI Server do not refer to absolute pathnames to other files. Therefore it is possible, under certain conditions, for an unauthenticated user to gain access to the host computer.
Exploit / POC
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Network Associates has released the following hotfix, which eliminates this vulnerability.
To determine whether anyone has attempted to exploit this vulnerability, search the enroll-access.log and admin-access.log files in the /WebServer/logs directory for entries that contain 'x-templates' in the URL. Examine these entries to determine the offending IP address and which files were accessed.
Network Associates Net Tools PKI Server 1.0
- Network Associates PKISERVER100-SP1-103-1
  ftp://ftp.tis.com/gauntlet/hide/pki/PKISERVER100-SP1-103-1.EXE
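The log check described in the Solution text above, as an added example that is not part of the original advisory or any vendor code. It assumes the access logs use NCSA Common Log Format (the advisory does not state the format); the sample lines, IP addresses and paths are constructed.

```python
import re
from collections import defaultdict
from pathlib import Path
from urllib.parse import unquote

# Assumption: NCSA Common Log Format; the advisory does not state the log format.
CLF = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+)[^"]*" (?P<status>\d{3}) \S+'
)
MARKER = "x-templates"                                   # string named in the advisory
LOG_NAMES = ("enroll-access.log", "admin-access.log")    # files named in the advisory

def find_template_requests(lines):
    """Return ({ip: [(timestamp, url, status), ...]}, unparsed_lines_with_marker)."""
    hits, unparsed = defaultdict(list), []
    for line in lines:
        line = line.rstrip("\r\n")
        m = CLF.match(line)
        if m is None:
            # Keep malformed lines that still mention the marker for manual review.
            if MARKER in unquote(line).lower():
                unparsed.append(line)
            continue
        # Decode percent-escapes and ignore case so x%2Dtemplates is not missed.
        if MARKER in unquote(m["url"]).lower():
            hits[m["ip"]].append((m["ts"], m["url"], int(m["status"])))
    return dict(hits), unparsed

def scan_logs(log_dir):
    """Run the check over both access logs in log_dir; missing files are skipped."""
    results = {}
    for name in LOG_NAMES:
        path = Path(log_dir) / name
        if path.is_file():
            with open(path, errors="replace") as fh:
                results[name] = find_template_requests(fh)
    return results

# Constructed sample lines (documentation IP ranges, placeholder paths).
SAMPLE = [
    '192.0.2.10 - - [19/Jun/2000:10:01:02 -0700] "GET /index.html HTTP/1.0" 200 1043',
    '198.51.100.7 - - [19/Jun/2000:10:03:11 -0700] "GET /x-templates/constructed-example HTTP/1.0" 200 512',
    '198.51.100.7 - - [19/Jun/2000:10:03:15 -0700] "GET /X%2Dtemplates/constructed-example-2 HTTP/1.0" 404 0',
    'garbled line mentioning x-templates',
]

if __name__ == "__main__":
    print(find_template_requests(SAMPLE))
```

Point `scan_logs` at a copy of the /WebServer/logs directory; a 200 status on a matching entry indicates the requested file was served, so those entries deserve review first.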
References
References:
- Net Tools PKI Product Homepage (Network Associates Inc.)
- Release Notes for Net Tools PKI Server Version 1.0 for Windows NT HotFix 1 (Network Associates Inc.)