WebTrends Vulnerabilities
Created 4/23/02
CAN 2002-0595
CAN 2002-0596
Impact
A remote attacker could execute arbitrary code with
SYSTEM privileges.
Background
WebTrends Reporting Center is a web traffic analyzer featuring
web-based reporting capabilities.
The Problems
CAN 2002-0595
Due to a buffer overflow condition, it could be possible for
a remote attacker to crash the service or execute arbitrary
commands by sending a GET request for a very
long file name under the reports/ directory.
Exploitation of this vulnerability would require successful
authentication to the Reporting Server. However, anonymous
logins are allowed, so the attacker would not require knowledge
of a legitimate login name and password.
CAN 2002-0596
A second vulnerability in WebTrends Reporting Center can be
used to remotely determine the software's full directory path
on the server by requesting the get_od_toc.pl
script with a non-existent profile.
Both of these vulnerabilities affect WebTrends Reporting
Center 4.0d and earlier.
Resolution
Upgrade to WebTrends Reporting Center 4.0e or higher when
available. Until then, disable anonymous access to the Reporting
Server, and run the server at as low a privilege level
as possible.
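While the upgrade is pending, server access logs can be checked for the two request patterns described under The Problems. The following is an added example, not part of the original advisory or of WebTrends: it assumes Common Log Format lines, a 255-character threshold for "very long", and constructed sample data.

```python
import re

# Assumption: Common Log Format; the advisory does not describe the log layout.
CLF = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] '
                 r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')
# Assumption: the advisory only says "very long"; set this just above the
# longest legitimate report file name on your server.
MAX_NAME = 255

def classify(line):
    """Return (ip, cve, detail) for a request worth reviewing, else None."""
    m = CLF.match(line)
    if not m:
        return None
    path = m.group("target").split("?", 1)[0]
    segments = [s for s in path.split("/") if s]
    # CAN 2002-0595: GET for a very long file name under reports/
    if m.group("method") == "GET" and "reports" in segments:
        name = "/".join(segments[segments.index("reports") + 1:])
        if len(name) > MAX_NAME:
            return (m.group("ip"), "CAN 2002-0595",
                    "%d-byte name under reports/, status %s"
                    % (len(name), m.group("status")))
    # CAN 2002-0596: the script ships with the product, so a hit is a prompt
    # to review the response for a disclosed directory path, not proof.
    if segments and segments[-1].lower() == "get_od_toc.pl":
        return (m.group("ip"), "CAN 2002-0596",
                "get_od_toc.pl requested, status " + m.group("status"))
    return None

def scan(lines):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, lines) if f]

# Constructed sample lines (documentation IP range; the query string is a
# placeholder, not one of the product's real parameter names).
SAMPLE = [
    '192.0.2.10 - - [23/Apr/2002:10:00:01 +0000] "GET /reports/summary.htm HTTP/1.0" 200 5120',
    '192.0.2.66 - - [23/Apr/2002:10:02:13 +0000] "GET /reports/' + "A" * 2000 + ' HTTP/1.0" 500 0',
    '192.0.2.66 - - [23/Apr/2002:10:02:40 +0000] "GET /get_od_toc.pl?placeholder=1 HTTP/1.0" 200 310',
    'not a log line',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(*finding, sep="  ")
```

Because anonymous logins are allowed, the authenticated-user field cannot be relied on to narrow the results; group findings by source address instead.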
Where can I read more about this?
These vulnerabilities were reported in NGSSoftware
Advisory 17042002C.