|
Family: CGI abuses --> Category: infos
Trend Micro ServerProtect for Linux splx_2376_info Cookie Authentication Bypass Vulnerability Vulnerability Scan
Vulnerability Scan Summary Tries to bypass authentication with SPLX
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server suffers from an authentication bypass
vulnerability.
Description :
The remote host is running ServerProtect for Linux, an anti-virus
application for Linux-based servers from Trend Micro.
The version of ServerProtect for Linux installed on the remote host
fails to check the validity of the session id in the 'splx_2376_info'
cookie before granting access to its administrative pages. A remote
attacker can exploit this flaw to bypass authentication and gain full
control of the affected web application.
See also :
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=477
http://www.securityfocus.com/archive/1/460805/30/0/threaded
http://www.trendmicro.com/download/product.asp?productid=20
Solution :
Apply the appropriate patch referenced in the vendor advisory above.
Threat Level:
High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|