
Stronghold httpd leaks info
26th Nov 2001 [SBWID-4874]

	Stronghold/3.0, all versions up to build 3015


	Bernard Margelin in VIGILANTE advisory 2001002:

	-- snip--

	In Redhat Stronghold from versions 2.3 up to 3.0 a flaw exists that
	allows a remote attacker to disclose sensitive system files including
	the httpd.conf file, if restricted access to the server status report
	is not enabled when using those features. This may assist an attacker
	in performing further attacks.

	By trying the following URLs, an attacker can gather sensitive
	information:

	http://target/stronghold-info will give information on configuration

	http://target/stronghold-status will return, among other information,
	the list of requests made



	Please note that this attack can be performed after a default
	installation. The vulnerability seems to affect all previous versions of

	-- snip --


	Installing Stronghold/3.0 build 3015 will solve the problem.
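	As an added example (not part of the advisory or of Stronghold itself), a check an administrator can run over the server's access logs to see whether the two handler paths named above were served with HTTP 200 to clients outside the local ranges. It assumes the Apache common/combined log format (Stronghold is Apache-based) and treats loopback and RFC 1918 addresses as local; the sample log lines are constructed.

```python
import re
from ipaddress import ip_address, ip_network

# Paths of the Stronghold status/info handlers named in the advisory.
LEAKY_PATHS = ("/stronghold-info", "/stronghold-status")

# Apache common/combined access-log prefix (assumed; Stronghold is Apache-based).
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

# Client ranges treated as local administration (assumed policy).
LOCAL_NETS = [ip_network(n) for n in
              ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_external(ip: str) -> bool:
    """True unless the client is loopback or in an RFC 1918 range."""
    try:
        addr = ip_address(ip)
    except ValueError:       # a resolved hostname (HostnameLookups On): treat as external
        return True
    return not any(addr in net for net in LOCAL_NETS)

def find_status_leaks(lines: list[str]) -> list[dict[str, str]]:
    """One finding per status/info request answered 200 to an external client.
    403/404 responses are skipped: there the handler was restricted or disabled."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0].rstrip("/").lower()
        if path in LEAKY_PATHS and m.group("status") == "200" and is_external(m.group("ip")):
            findings.append({"ip": m.group("ip"), "path": path, "ts": m.group("ts")})
    return findings

# Constructed sample log lines (not from the advisory).
SAMPLE_LOG = [
    '203.0.113.7 - - [23/Nov/2001:10:01:02 +0100] "GET /stronghold-info HTTP/1.0" 200 8123',
    '203.0.113.7 - - [23/Nov/2001:10:01:05 +0100] "GET /stronghold-status?refresh=5 HTTP/1.0" 200 4011',
    '10.0.0.5 - - [23/Nov/2001:10:02:00 +0100] "GET /stronghold-status HTTP/1.0" 200 4011',
    '198.51.100.9 - - [23/Nov/2001:10:03:00 +0100] "GET /stronghold-info HTTP/1.0" 403 211',
    '198.51.100.9 - - [23/Nov/2001:10:03:01 +0100] "GET /index.html HTTP/1.0" 200 1523',
]

if __name__ == "__main__":
    for f in find_status_leaks(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} read {f['path']}")
```

	Only the two requests from 203.0.113.7 are reported: the 10.0.0.5 request is local and the 403 from 198.51.100.9 shows the handler was already restricted.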



	This vulnerability was discovered by Madalina Andrei and Reda
	Zitouni, members of our Security Watch Team at Vigilante. We wish to
	thank Stronghold for their fast answer to fix this problem.


	Copyright, Inc. 2001-11-23



