| Field | Value |
|---|---|
| VID | 22138 |
| Severity | 40 |
| Port | 8888 |
| Protocol | TCP |
| Class | WWW |
| Detailed Description | The Sun AnswerBook2 dwhttpd web server allows remote users to access the administration interface. Sun AnswerBook2 is a utility that allows users to view Sun online documentation using a web browser. The Inso DynaWeb web server, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, and AnswerBook2 is shipped as part of the Solaris operating environment. A lack of authentication checks for certain scripts within the administration interface of AnswerBook2 versions 1.4.2 and prior, on Sun Solaris, allows remote users to create administration accounts. By directly accessing the /cgi-bin/admin/admin script present under the AnswerBook2 dwhttpd web server, it is possible to add users to the administration interface. This allows an attacker to read log files and manage content. |
| Platforms Affected | Sun AnswerBook2 1.3.x, Sun AnswerBook2 1.4, Sun AnswerBook2 1.4.1, Sun AnswerBook2 1.4.2 |
| References | http://online.securityfocus.com/bid/1554 <br> http://www.iss.net/security_center/static/5069.php |
| Recommendation | Two steps are required to protect against these vulnerabilities: <br> 1. Update AnswerBook2 to the latest version (at least version 1.4.2). The latest version of AnswerBook2 can be downloaded from http://www.sun.com/software/ab2/dwnld_versions.html <br> 2. Apply the appropriate patch for your system, available from Sun Microsystems, Inc. Security Bulletin #00196, "AnswerBook2", at http://online.securityfocus.com/advisories/2486 <br> Note: The AnswerBook2 web server has reached End of Life and is no longer included with Solaris releases (as of Solaris 9). |
| Related URL | CVE-2000-0696 (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |