Date: Sat, 9 Oct 1999 14:16:39 -0400
From: Manos Megagiannis <manos@TKI.NET>
Subject: Security Vulnerabilities with WebTrends ERS
To: BUGTRAQ@SECURITYFOCUS.COM

WebTrends Enterprise Reporting Server version 1.5 running on Linux or Solaris has the following vulnerabilities:

1) If the WebTrends Enterprise Reporting Server is running as root, a file ownership misconfiguration may allow local users to gain root privileges.

2) WebTrends Enterprise Reporting Server logs debug information to a world-readable and world-writable file. The debug information may include user names and passwords stored in clear text, so local users may be able to gain unauthorized access to the server as well as to the WebTrends administration software. Local users can also modify that file, which makes the audit trail untrustworthy.

3) WebTrends Enterprise Reporting Server stores its user information in files with world read/write permissions. Local users may be able to gain unauthorized access to the WebTrends administration software and/or cause a denial of service.

4) WebTrends Enterprise Reporting Server stores its profile information in files with world read/write permissions. Local users may be able to cause a denial of service.

5) The default installation of WebTrends Enterprise Reporting Server has a blank administrator password. A remote user may be able to gain administrative privileges on the WebTrends administration software.

Manos

-------------------------------------------------------------------
Totally Secure, Inc.                     http://www.totallysecure.com
Manos Megagiannis                        manos@totallysecure.com
-------------------------------------------------------------------
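The audit script below is an added example and is not WebTrends' code or anything shipped with the advisory. It checks an install tree for the local file-permission problems described in items 1 to 4 (world-writable debug log, user files and profile files; root-owned files writable by others while the server runs as root) and then tightens the permissions. The sample directory layout, the file names, and the use of the string "password" as the marker for clear-text credentials in the debug log are assumptions made for the demonstration; run the functions against the real WebTrends ERS directory instead of the constructed tree. Item 5 (the blank administrator password) is a check on the administration interface itself and is not covered here.

```shell
#!/bin/sh
# Added audit script (not WebTrends' own tooling). It looks for the local
# file-permission problems in items 1-4 of the advisory and tightens them.
# Assumptions, not from the advisory: the sample tree layout, the file
# names, and the word "password" marking clear-text credentials in the
# debug log. Point the functions at the real WebTrends ERS directory.

# Files under $1 that any local user can modify (other-write bit set):
# the debug log, user files and profile files of items 2-4.
world_writable() {
    find "$1" -type f -perm -002 | sort
}

# Files under $1 that any local user can read (other-read bit set).
world_readable() {
    find "$1" -type f -perm -004 | sort
}

# Files under $1 owned by root yet writable by group or others. With the
# server running as root (item 1), anything it executes or reads from
# such a file is a local root escalation path.
root_owned_others_writable() {
    find "$1" -type f -user root \( -perm -020 -o -perm -002 \) | sort
}

# World-readable files that mention "password" (assumed marker for
# credentials written to the debug log in clear text, item 2).
readable_credential_files() {
    world_readable "$1" | while IFS= read -r f; do
        if grep -qi 'password' "$f"; then
            printf '%s\n' "$f"
        fi
    done
}

# Remediation: drop group-write and every "other" permission bit on each
# file, so only the owning service account (and its group, read-only)
# can reach them. Run as the account that owns the tree, or as root.
harden() {
    find "$1" -type f -exec chmod g-w,o-rwx {} +
}

# Constructed sample tree reproducing the three world-read/write file
# classes of items 2-4 plus one correctly protected file as a control.
make_sample_tree() {
    dir=$(mktemp -d)
    mkdir -p "$dir/logs" "$dir/users" "$dir/profiles" "$dir/bin"
    printf 'login user=admin password=changeme\n' > "$dir/logs/debug.log"
    chmod 666 "$dir/logs/debug.log"
    printf 'admin:\n' > "$dir/users/users.dat"
    chmod 666 "$dir/users/users.dat"
    printf 'name=weekly\n' > "$dir/profiles/weekly.prf"
    chmod 666 "$dir/profiles/weekly.prf"
    printf '#!/bin/sh\n' > "$dir/bin/report.sh"
    chmod 750 "$dir/bin/report.sh"
    printf '%s\n' "$dir"
}

# Stand-alone demonstration: report, fix, and confirm the fix held.
sample=$(make_sample_tree)
echo "== world-writable before hardening =="
world_writable "$sample"
echo "== world-readable files carrying credentials =="
readable_credential_files "$sample"
echo "== root-owned but group/world-writable (empty unless run as root) =="
root_owned_others_writable "$sample"
harden "$sample"
echo "== world-writable after hardening (expect none) =="
world_writable "$sample"
rm -rf "$sample"
```

The checks use only POSIX find primaries (`-perm -NNN`, `-user`, `-exec ... {} +`), so they behave the same on the Linux and Solaris hosts the advisory names. Hardening with `chmod g-w,o-rwx` deliberately leaves the owner bits alone; if the server genuinely runs as root, fixing the mode bits closes items 2 to 4 but the better answer to item 1 is to run the service under an unprivileged account that owns the tree.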