Details of VAR-201402-0038

ID

VAR-201402-0038

CVE

CVE-2011-4091

TITLE

libnet6 of inc/server.hpp of libobby Vulnerability in server where important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2011-005273

DESCRIPTION

The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3.14 does not perform authentication before checking the user name, which allows remote attackers to obtain sensitive information such as server-usage patterns by a particular user and color preferences. Net6 is a simple network library. The net6 library performs certain operations before verifying the connection of user authentication information, which may result in the disclosure of part of the information of the connected user. net6 is prone to a session-hijacking vulnerability and an information-disclosure vulnerability. An attacker can exploit these vulnerabilities to obtain sensitive information, or possibly perform actions with elevated privileges. net6 1.3.13 is vulnerable; other versions may also be affected. For more information: SA46605 SOLUTION: Apply updated packages via the yum utility ("yum update net6"). ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: net6 Two Weaknesses SECUNIA ADVISORY ID: SA46605 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46605/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46605 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46605/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46605/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46605 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Vasiliy Kulikov has reported two weaknesses in net6, which can be exploited by malicious people to disclose certain information and conduct session hijacking attacks. 2) It's possible to cause an internal ID counter to overflow, which can be exploited to e.g. hijack another user's session. The weaknesses are reported in version 1.3.13. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Vasiliy Kulikov ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2011/10/30/3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . 1) An error in the net6 library can be exploited to e.g. For more information see weakness #1 in: SA46605 2) An error in the net6 library can be exploited to hijack another user's session. For more information see weakness #2 in: SA46605 SOLUTION: Restrict access to trusted hosts only

Trust: 2.97

sources: NVD: CVE-2011-4091 // JVNDB: JVNDB-2011-005273 // CNVD: CNVD-2011-4618 // BID: 50442 // VULMON: CVE-2011-4091 // PACKETSTORM: 106452 // PACKETSTORM: 108403 // PACKETSTORM: 107292 // PACKETSTORM: 106438 // PACKETSTORM: 106445

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2011-4618

AFFECTED PRODUCTS

vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.8	Trust: 1.6
vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.5	Trust: 1.6
vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.7	Trust: 1.6
vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.9	Trust: 1.6
vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.4	Trust: 1.6
vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.10	Trust: 1.6
vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.11	Trust: 1.6
vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.12	Trust: 1.6
vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.6	Trust: 1.6
vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.3	Trust: 1.6
vendor:	armin burgmeier	model:	net6	scope:	lte	version:	1.3.13	Trust: 1.0
vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.2	Trust: 1.0
vendor:	oracle	model:	solaris	scope:	eq	version:	11.2	Trust: 1.0
vendor:	opensuse	model:	opensuse	scope:	eq	version:	11.4	Trust: 1.0
vendor:	armin burgmeier	model:	net6	scope:	eq	version:	1.3.1	Trust: 1.0
vendor:	opensuse	model:	opensuse	scope:	eq	version:	11.3	Trust: 1.0
vendor:	0x539	model:	dev group net6	scope:	eq	version:	1.3.13	Trust: 0.9
vendor:	armin burgmeier	model:	net6	scope:	lt	version:	1.3.14	Trust: 0.8

sources: CNVD: CNVD-2011-4618 // BID: 50442 // JVNDB: JVNDB-2011-005273 // CNNVD: CNNVD-201110-713 // NVD: CVE-2011-4091

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-4091
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2011-4091
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201110-713
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2011-4091
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2011-4091
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

sources: VULMON: CVE-2011-4091 // JVNDB: JVNDB-2011-005273 // CNNVD: CNNVD-201110-713 // NVD: CVE-2011-4091

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.8

sources: JVNDB: JVNDB-2011-005273 // NVD: CVE-2011-4091

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201110-713

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201110-713

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-005273

PATCH

title:	Run custom authentication before checking for the user name	url:	http://git.0x539.de/?p=net6.git;a=commitdiff;h=84afca022f063f89bfcd4bb32b1ee911f555abf1;hp=ac61d7fb42a1f977fb527e024bede319c4a9e169	Trust: 0.8
title:	Bug 727708	url:	https://bugzilla.novell.com/show_bug.cgi?id=727708	Trust: 0.8
title:	Oracle Solaris Third Party Bulletin - April 2015	url:	http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html	Trust: 0.8
title:	Bug 750632	url:	https://bugzilla.redhat.com/show_bug.cgi?id=750632	Trust: 0.8
title:	Net6 information disclosure vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/5746	Trust: 0.6
title:	net6-1.3.14	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=48216	Trust: 0.6
title:	Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2015	url:	https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=2a43c5799a7dd07d6c0a92a3b040d12f	Trust: 0.1

sources: CNVD: CNVD-2011-4618 // VULMON: CVE-2011-4091 // JVNDB: JVNDB-2011-005273 // CNNVD: CNNVD-201110-713

EXTERNAL IDS

db:	NVD	id:	CVE-2011-4091	Trust: 3.4
db:	OPENWALL	id:	OSS-SECURITY/2011/10/31/1	Trust: 1.7
db:	JVNDB	id:	JVNDB-2011-005273	Trust: 0.8
db:	CNVD	id:	CNVD-2011-4618	Trust: 0.6
db:	OPENWALL	id:	OSS-SECURITY/2011/10/30/3	Trust: 0.6
db:	CNNVD	id:	CNNVD-201110-713	Trust: 0.6
db:	SECUNIA	id:	46698	Trust: 0.4
db:	BID	id:	50442	Trust: 0.3
db:	SECUNIA	id:	46605	Trust: 0.2
db:	VULMON	id:	CVE-2011-4091	Trust: 0.1
db:	PACKETSTORM	id:	106452	Trust: 0.1
db:	SECUNIA	id:	47433	Trust: 0.1
db:	PACKETSTORM	id:	108403	Trust: 0.1
db:	SECUNIA	id:	46988	Trust: 0.1
db:	PACKETSTORM	id:	107292	Trust: 0.1
db:	PACKETSTORM	id:	106438	Trust: 0.1
db:	PACKETSTORM	id:	106445	Trust: 0.1

sources: CNVD: CNVD-2011-4618 // VULMON: CVE-2011-4091 // BID: 50442 // JVNDB: JVNDB-2011-005273 // PACKETSTORM: 106452 // PACKETSTORM: 108403 // PACKETSTORM: 107292 // PACKETSTORM: 106438 // PACKETSTORM: 106445 // CNNVD: CNNVD-201110-713 // NVD: CVE-2011-4091

REFERENCES

url:	http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html	Trust: 1.8
url:	http://www.openwall.com/lists/oss-security/2011/10/31/1	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-updates/2012-01/msg00054.html	Trust: 1.7
url:	https://bugzilla.novell.com/show_bug.cgi?id=727708	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-updates/2012-01/msg00044.html	Trust: 1.7
url:	https://bugzilla.redhat.com/show_bug.cgi?id=750632	Trust: 1.7
url:	http://git.0x539.de/?p=net6.git%3ba=commitdiff%3bh=84afca022f063f89bfcd4bb32b1ee911f555abf1%3bhp=ac61d7fb42a1f977fb527e024bede319c4a9e169	Trust: 1.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4091	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4091	Trust: 0.8
url:	http://seclists.org/oss-sec/2011/q4/197	Trust: 0.6
url:	http://www.openwall.com/lists/oss-security/2011/10/30/3	Trust: 0.6
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.5
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.5
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.5
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.5
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.5
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.5
url:	http://git.0x539.de/?p=net6.git;a=commitdiff;h=84afca022f063f89bfcd4bb32b1ee911f555abf1;hp=ac61d7fb42a1f977fb527e024bede319c4a9e169	Trust: 0.4
url:	http://git.0x539.de/?p=net6.git;a=commitdiff;h=ac61d7fb42a1f977fb527e024bede319c4a9e169;hp=08c8e2261604c6fcbbaf62f9ae9d13f7015fcb9a	Trust: 0.3
url:	http://www.0x539.de/projects.html	Trust: 0.3
url:	http://secunia.com/products/corporate/vim/ovum_2011_request/	Trust: 0.3
url:	http://secunia.com/advisories/46698/	Trust: 0.2
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=46698	Trust: 0.2
url:	http://secunia.com/advisories/46698/#comments	Trust: 0.2
url:	http://secunia.com/company/jobs/	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/287.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://hermes.opensuse.org/messages/13155294	Trust: 0.1
url:	http://secunia.com/advisories/47433/	Trust: 0.1
url:	https://hermes.opensuse.org/messages/13154695	Trust: 0.1
url:	http://secunia.com/advisories/47433/#comments	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=47433	Trust: 0.1
url:	http://lists.fedoraproject.org/pipermail/package-announce/2011-november/069822.html	Trust: 0.1
url:	http://secunia.com/advisories/46988/#comments	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=46988	Trust: 0.1
url:	http://secunia.com/advisories/46988/	Trust: 0.1
url:	http://secunia.com/advisories/46605/	Trust: 0.1
url:	http://secunia.com/advisories/46605/#comments	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=46605	Trust: 0.1

CREDITS

Vasiliy Kulikov

Trust: 0.9

sources: BID: 50442 // CNNVD: CNNVD-201110-713

SOURCES

db:	CNVD	id:	CNVD-2011-4618
db:	VULMON	id:	CVE-2011-4091
db:	BID	id:	50442
db:	JVNDB	id:	JVNDB-2011-005273
db:	PACKETSTORM	id:	106452
db:	PACKETSTORM	id:	108403
db:	PACKETSTORM	id:	107292
db:	PACKETSTORM	id:	106438
db:	PACKETSTORM	id:	106445
db:	CNNVD	id:	CNNVD-201110-713
db:	NVD	id:	CVE-2011-4091

LAST UPDATE DATE

2024-08-14T14:40:23.644000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2011-4618	date:	2011-11-01T00:00:00
db:	VULMON	id:	CVE-2011-4091	date:	2018-10-30T00:00:00
db:	BID	id:	50442	date:	2015-04-13T21:17:00
db:	JVNDB	id:	JVNDB-2011-005273	date:	2015-06-19T00:00:00
db:	CNNVD	id:	CNNVD-201110-713	date:	2023-02-14T00:00:00
db:	NVD	id:	CVE-2011-4091	date:	2023-02-13T04:32:43.717

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2011-4618	date:	2011-11-01T00:00:00
db:	VULMON	id:	CVE-2011-4091	date:	2014-02-10T00:00:00
db:	BID	id:	50442	date:	2011-10-31T00:00:00
db:	JVNDB	id:	JVNDB-2011-005273	date:	2014-02-12T00:00:00
db:	PACKETSTORM	id:	106452	date:	2011-10-31T03:59:25
db:	PACKETSTORM	id:	108403	date:	2012-01-06T03:20:14
db:	PACKETSTORM	id:	107292	date:	2011-11-26T01:20:50
db:	PACKETSTORM	id:	106438	date:	2011-10-31T02:00:09
db:	PACKETSTORM	id:	106445	date:	2011-10-31T03:45:03
db:	CNNVD	id:	CNNVD-201110-713	date:	1900-01-01T00:00:00
db:	NVD	id:	CVE-2011-4091	date:	2014-02-10T18:15:09.060