APP: SuperScout Web Reports Server User Database Access

This signature detects attempts to exploit a known vulnerability in the Webfilter for SuperScout Web Reports Server running on Microsoft Windows 2000 and NT. Attackers can use a simple GET request to obtain the user database (a txt file that contains user names and encrypted passwords) from the server.

Extended Description

SurfControl SuperScout WebFilter is web filtering software for Microsoft Windows operating systems. SurfControl SuperScout WebFilter includes a remotely accessible reporting service. It has been reported that SuperScout WebFilter insecurely stores some types of information. The reports server included as part of the SuperScout WebFilter package stores sensitive information in a publicly accessible, unrestricted directory. A remote user could gain access to user credentials.

Affected Products

Surfcontrol superscout_web_filter_for_windows_nt/2000

References

BugTraq: 5856

CVE: CVE-2002-0705

URL: http://www.securityfocus.com/bid/5856 http://www.westpoint.ltd.uk/advisories/wp-02-0005.txt http://www.iss.net/security_center/static/10248.php

Short Name

APP:SUPERSCOUT-USERDB

Severity

Minor

Recommended

False

Recommended Action

None

APP: SuperScout Web Reports Server User Database Access

Extended Description

Affected Products

References

Found a potential security threat?