File: 2069.txt

package info (click to toggle)
snort 2.7.0-20.4
  • links: PTS
  • area: main
  • in suites: lenny
  • size: 34,512 kB
  • ctags: 18,772
  • sloc: ansic: 115,404; sh: 10,893; makefile: 1,372; perl: 487; sql: 213
file content (67 lines) | stat: -rw-r--r-- 1,264 bytes parent folder | download | duplicates (6)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
Rule:

--
Sid:
2069

--
Summary:
This event is generated when an attempt is made to exploit a known 
vulnerability in devices using the IPC@CHIP from Beck IPC GmbH.

--
Impact:
Information disclosure

--
Detailed Information:
The IPC@CHIP from Beck IPC GmbH is used in network appliances for use in
controlling those devices via a web interface.

The embedded webserver uses the system root as its default webserver 
root directory. This means an attacker can request any file on the 
system by making an http request for the file.

--
Affected Systems:
All devices using this chip.

--
Attack Scenarios:
The attacker needs to craft a special URI including chip.ini with a 
request for a file on the system.

--
Ease of Attack:
Simple

--
False Positives:
None Known

--
False Negatives:
None Known

--
Corrective Action:
Network devices using this chip should be closely monitored, access to 
the embedded webserver should be carefully controlled using a firewall 
or disabled where possible.

--
Contributors:
Sourcefire Research Team
Brian Caswell <bmc@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com>

--
Additional References:

Bugtraq:
http://www.securityfocus.com/bid/2775

CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0749

--