
Date:         Sat, 9 Oct 1999 14:16:39 -0400
From: Manos Megagiannis <manos@TKI.NET>
Subject:      Security Vulnerabilities with WebTrends ERS
To: BUGTRAQ@SECURITYFOCUS.COM

WebTrends Enterprise Reporting Server ver 1.5 running on Linux or Solaris
has the following vulnerabilities:

1) If the WebTrends Enterprise Reporting Server is running as root, then due
to a file ownership misconfiguration it may be possible for local users to
gain root privileges.

2) WebTrends Enterprise Reporting Server logs debug information in a
world-readable and world-writable file. The debug information may include
user names and
passwords stored in clear text. It may be possible for local users to gain
unauthorized access to the server as well as to WebTrends administration
software. Local users can also modify that file, making the auditing
mechanism unsafe.

3) WebTrends Enterprise Reporting Server stores its user information in
files with world read/write permissions. It may be possible for local users
to gain unauthorized access to the WebTrends administration software, and/or
create a denial of service.

4) WebTrends Enterprise Reporting Server stores its profile information in
files with world read/write permissions. It may be possible for local users
to create a denial of service.

5) On WebTrends Enterprise Reporting Server, the default installation has a
blank administrator password. A remote user may be able to gain
administrative privileges to the WebTrends administration software.

Manos

-------------------------------------------------------------------
Totally Secure, Inc.			http://www.totallysecure.com
Manos Megagiannis			manos@totallysecure.com
-------------------------------------------------------------------
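
An administrator's check for the permission patterns in items 1 to 4, as an added example that is not part of the original advisory. The advisory names no paths, so the directory, the expected owner, and the file names (debug.log, users.db, profile.cfg) are constructed placeholders.

```sh
#!/bin/sh
# Added example (not from the advisory): audit an install tree for the
# permission problems in items 1-4. All paths and file names are constructed.

# audit_tree DIR OWNER [SENSITIVE_FILE...]
# Prints one finding per line; returns 1 if anything was found, else 0.
audit_tree() {
    dir=$1; owner=$2; shift 2
    findings=$(
        # Items 2-4: files or directories any local user can modify.
        find "$dir" \( -type f -o -type d \) -perm -0002 -print |
            sed 's/^/WORLD_WRITABLE /'
        # Item 1: anything not owned by the account the service should use.
        find "$dir" ! -user "$owner" -print | sed 's/^/UNEXPECTED_OWNER /'
        # Items 2-3: credential-bearing files readable by other users.
        for f in "$@"; do
            if [ -f "$f" ]; then
                find "$f" -perm -0004 -print | sed 's/^/WORLD_READABLE /'
            fi
        done
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Build a constructed tree that reproduces the reported permission patterns.
make_demo_tree() {
    d=$(mktemp -d)
    : > "$d/debug.log";   chmod 666 "$d/debug.log"    # world read/write log
    : > "$d/users.db";    chmod 644 "$d/users.db"     # readable by others
    : > "$d/profile.cfg"; chmod 600 "$d/profile.cfg"  # owner-only, as intended
    printf '%s\n' "$d"
}

demo=$(make_demo_tree)
audit_tree "$demo" "$(id -u)" "$demo/debug.log" "$demo/users.db" \
    "$demo/profile.cfg" || echo "findings listed above"
rm -rf "$demo"
```

On a real host, pass the actual installation directory, the account the service is meant to run under, and the files that hold credentials or user records.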