Signature Detail
Short Name |
HTTP:PKG:SUPERSCOUT-USERLIST |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Keywords |
SuperScout Email Filter Administration User Database Access |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: SuperScout Email Filter Administration User Database Access
This signature detects attempts to view a Web page in the Administration interface for the SuperScout Email Filter. Because SuperScout does not check permissions correctly, attackers with access to the URL http://<ipaddress>/web/usermgr/userlist.asp can obtain usernames and unencrypted passwords.
Extended Description
SurfControl SuperScout WebFilter is web filtering software for Microsoft Windows operating systems. SurfControl SuperScout WebFilter includes a remotely accessible reporting service. It has been reported that SuperScout WebFilter insecurely stores some types of information. The reports server included as part of the SuperScout WebFilter package stores sensitive information in a publicly accessible, unrestricted directory. A remote user could gain access to user credentials.
Affected Products
- SurfControl SuperScout Web Filter for Windows NT/2000 3.0.0
- SurfControl SuperScout Web Filter for Windows NT/2000 3.0.3
- SurfControl Web Filter for Windows NT/2000 4.0.0
- SurfControl Web Filter for Windows NT/2000 4.1.0
References
- BugTraq: 5856
- CVE: CVE-2002-1530
- URL: http://www.surfcontrol.com
- URL: http://securityvulns.com/docs3608.html
- URL: http://www.ftusecurity.com