Detections
Analytics
PatchLink Update Server proxyreg.asp Arbitrary Proxy Manipulation
high Nessus Plugin ID 22117
Language:
Synopsis
The remote web server contains an ASP script that is prone to an authentication bypass attack.Description
The remote host is running PatchLink Update Server, a patch and vulnerability management solution.The version of PatchLink Update Server installed on the remote fails to check for authentication credentials before providing access to the '/dagent/proxyreg.asp' script. An attacker can exploit this issue to list, delete, or add proxies used by the PatchLink FastPatch software.
Note that Novell ZENworks Patch Management is based on PatchLink Update Server and is affected as well.
Solution
Apply patch 6.1 P1 / 6.2 SR1 P1 if using PatchLink Update Server or 6.2 SR1 P1 if using Novell ZENworks Patch Management.See Also
https://www.securityfocus.com/archive/1/438710/30/0/threaded
http://support.novell.com/cgi-bin/search/searchtid.cgi?10100709.htm
Plugin Details
Severity: High
ID: 22117
File Name: plus_proxyreg_auth_bypass.nasl
Version: 1.12
Type: remote
Family: CGI abuses
Published: 7/28/2006
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
Required KB Items: www/ASP
Exploit Ease: No exploit is required
Vulnerability Publication Date: 6/28/2006
Reference Information
CVE: CVE-2006-3425
BID: 18723