GEN:SID | 1:1103 |
Message | WEB-MISC Netscape admin passwd |
Summary | This event is generated when a client is requesting a file that may contain an administrator name and password.
|
Impact | An attacker may be able to gain administrator access to your web server.
|
Detailed Information | Some versions of Netscape Enterprise Server put a world readable text file containing the administrator user name and encrypted password in a standard location within the URI space. By acessing this, an attacker may be able to brute force guess or even decrypt the password.
|
Affected Systems | Netscape Enterprise/3.6 SP3 Netscape Fasttrack/3.0.2 Netscape Messaging Server/3.6 Netscape Messaging Server/4.15p2 Netscape Collabra Server/3.54
|
Attack Scenarios | This is an information gathering operation that could allow an attacker to execute a brute force password guessing attack.
|
Ease of Attack | Moderate. The file is easy enough to get access to, but the password is still encrypted.
|
Corrective Action | Set appropriate permissions on this file or upgrade your web server software.
|
Additional References | Secureiteam http://www.securiteam.com/securitynews/5OR040A1UG.html
|
Rule References | bugtraq: 1579
nessus: 10468
|