Multiple vulnerabilities in WebTrends Enterprise Reporting Server 1.5
16 Oct. 1999
Summary
WebTrends Enterprise Reporting Server is a web reporting solution that can process and post web site traffic analysis reports for simultaneous users who log in remotely through a web browser. This product contains a number of vulnerabilities that make it unsafe to use on the Internet.
WebTrends Enterprise Reporting Server 1.5 running on Linux or Solaris has the following vulnerabilities:
1) If the WebTrends Enterprise Reporting Server is running as root, then due to file ownership misconfiguration it may be possible for local users to gain root privileges.
2) WebTrends Enterprise Reporting Server logs debug information to a world-readable and world-writable file. The debug information may include usernames and passwords stored in clear text, so local users may gain unauthorized access to the server as well as to the WebTrends administration software. Local users can also modify that file, which makes the auditing mechanism unreliable.
3) WebTrends Enterprise Reporting Server stores its user and profile information in files with world read/write permissions. Local users may be able to gain unauthorized access to the WebTrends administration software and/or cause a denial of service.
4) The default installation of WebTrends Enterprise Reporting Server has a blank administrator password. A remote user may be able to gain administrative privileges to the WebTrends administration software.
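Items 2 and 3 both come down to file permissions on the server host. The following audit script is an added example, not part of the advisory or the vendor's software: it walks an install directory and reports world-writable files and world-readable files that appear to hold clear-text credentials. The install path, file names and contents are assumptions constructed for the example; point it at the real install directory to check a deployment.

```shell
#!/bin/sh
# Added audit script (not the vendor's or the advisory's); the sample file
# names and contents below are assumptions made for this example.

# List regular files under $1 that are world-writable: local users can alter
# the debug log and user/profile data, so neither the audit trail nor the
# access-control data can be trusted.
world_writable() {
  find "$1" -type f -perm -0002 -print
}

# List regular files under $1 that are world-readable AND contain a line that
# looks like a clear-text credential ("password=..." or "passwd: ...").
# A 0600 file is not reported: only its owner can read it.
readable_credentials() {
  find "$1" -type f -perm -0004 -print | while IFS= read -r f; do
    if grep -qiE '(password|passwd)[[:space:]]*[=:]' "$f" 2>/dev/null; then
      printf '%s\n' "$f"
    fi
  done
}

# Build a constructed sample tree that mirrors the advisory's findings and
# print its path. File names and contents are made up for this example.
make_sample_tree() {
  d=$(mktemp -d)
  printf 'login=admin password=Secret123\n' > "$d/debug.log"  # clear-text creds
  chmod 0666 "$d/debug.log"                                   # world r/w
  printf 'admin::\n' > "$d/users.dat"                         # user database
  chmod 0666 "$d/users.dat"                                   # world r/w
  printf 'AdminPassword=Secret123\n' > "$d/private.conf"
  chmod 0600 "$d/private.conf"                                # owner only: fine
  printf '%s\n' "$d"
}

# Print one line per problem found under $1 and return the number of problems
# (0 means nothing to report). Paths from mktemp contain no whitespace.
audit_webtrends_dir() {
  n=0
  for f in $(world_writable "$1"); do
    echo "WORLD-WRITABLE: $f"; n=$((n + 1))
  done
  for f in $(readable_credentials "$1"); do
    echo "CLEAR-TEXT CREDENTIAL (world-readable): $f"; n=$((n + 1))
  done
  return "$n"
}
sample=$(make_sample_tree)
audit_webtrends_dir "$sample" || echo "problems found: $?"
rm -rf "$sample"
```

On the constructed tree the script reports the two world-writable files and the world-readable debug log holding a password, and exits with status 3; the owner-only config file is not reported.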