Exploit Intel Corporation Shiva Access Manager 5.0 - Solaris World Readable LDAP Password

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
20003
Проверка EDB
  1. Пройдено
Автор
BLAISE ST. LAURENT
Тип уязвимости
LOCAL
Платформа
SOLARIS
CVE
cve-2000-0516
Дата публикации
2000-06-06
Код:
source: https://www.securityfocus.com/bid/1329/info

The Shiva Access Manager is a solution for centralized remote access authentication, authorization, and accounting offered by Intel. It runs on Solaris and Windows NT. Shiva Access Manager is vulnerable to a default configuration problem in its Solaris version (and possibly for NT as well, though uncomfirmed). When configuring the Access Manager for LDAP, it prompts for the root "Distinguished Name" and password. It stores this information in a textfile that is owned by root and set world readable by default, $SHIVA_HOME_DIR/insnmgmt/shiva_access_manager/radtac.ini. This file also contains information such as the LDAP server's hostname and server port. This information can be used to completely compromise the LDAP server. 

cat $SHIVA_HOME_DIR/insnmgmt/shiva_access_manager/radtac.ini

(proceed then to do whatever LDAP attacks you like)
 
Источник
www.exploit-db.com

Похожие темы