ID

VAR-201402-0038


CVE

CVE-2011-4091


TITLE

Information disclosure vulnerability in the libobby server in inc/server.hpp in libnet6

Trust: 0.8

sources: JVNDB: JVNDB-2011-005273

DESCRIPTION

The libobby server in inc/server.hpp in libnet6 (aka net6) before 1.3.14 does not perform authentication before checking the user name, which allows remote attackers to obtain sensitive information such as server-usage patterns by a particular user and color preferences. Net6 is a simple network library. The net6 library performs certain operations before verifying the authentication information of a connecting user, which may result in the disclosure of part of a connected user's information. net6 is prone to a session-hijacking vulnerability and an information-disclosure vulnerability. An attacker can exploit these vulnerabilities to obtain sensitive information, or possibly perform actions with elevated privileges. net6 1.3.13 is vulnerable; other versions may also be affected.

For more information: SA46605

SOLUTION: Apply updated packages via the yum utility ("yum update net6").

TITLE: net6 Two Weaknesses
SECUNIA ADVISORY ID: SA46605
VERIFY ADVISORY: http://secunia.com/advisories/46605/
RELEASE DATE: 2011-10-31

DESCRIPTION: Vasiliy Kulikov has reported two weaknesses in net6, which can be exploited by malicious people to disclose certain information and conduct session hijacking attacks.

2) It's possible to cause an internal ID counter to overflow, which can be exploited to e.g. hijack another user's session.

The weaknesses are reported in version 1.3.13.

SOLUTION: Fixed in the GIT repository.

PROVIDED AND/OR DISCOVERED BY: Vasiliy Kulikov
ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2011/10/30/3

1) An error in the net6 library can be exploited to e.g.

For more information see weakness #1 in: SA46605

2) An error in the net6 library can be exploited to hijack another user's session.

For more information see weakness #2 in: SA46605

SOLUTION: Restrict access to trusted hosts only

Trust: 2.97

sources: NVD: CVE-2011-4091 // JVNDB: JVNDB-2011-005273 // CNVD: CNVD-2011-4618 // BID: 50442 // VULMON: CVE-2011-4091 // PACKETSTORM: 106452 // PACKETSTORM: 108403 // PACKETSTORM: 107292 // PACKETSTORM: 106438 // PACKETSTORM: 106445

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2011-4618

AFFECTED PRODUCTS

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.8

Trust: 1.6

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.5

Trust: 1.6

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.7

Trust: 1.6

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.9

Trust: 1.6

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.4

Trust: 1.6

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.10

Trust: 1.6

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.11

Trust: 1.6

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.12

Trust: 1.6

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.6

Trust: 1.6

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.3

Trust: 1.6

vendor: armin burgmeier, model: net6, scope: lte, version: 1.3.13

Trust: 1.0

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.2

Trust: 1.0

vendor: oracle, model: solaris, scope: eq, version: 11.2

Trust: 1.0

vendor: opensuse, model: opensuse, scope: eq, version: 11.4

Trust: 1.0

vendor: armin burgmeier, model: net6, scope: eq, version: 1.3.1

Trust: 1.0

vendor: opensuse, model: opensuse, scope: eq, version: 11.3

Trust: 1.0

vendor: 0x539, model: dev group net6, scope: eq, version: 1.3.13

Trust: 0.9

vendor: armin burgmeier, model: net6, scope: lt, version: 1.3.14

Trust: 0.8

sources: CNVD: CNVD-2011-4618 // BID: 50442 // JVNDB: JVNDB-2011-005273 // CNNVD: CNNVD-201110-713 // NVD: CVE-2011-4091

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4091
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-4091
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201110-713
value: MEDIUM

Trust: 0.6

VULMON: CVE-2011-4091
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-4091
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: VULMON: CVE-2011-4091 // JVNDB: JVNDB-2011-005273 // CNNVD: CNNVD-201110-713 // NVD: CVE-2011-4091

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.8

sources: JVNDB: JVNDB-2011-005273 // NVD: CVE-2011-4091

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201110-713

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201110-713

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-005273

PATCH

title: Run custom authentication before checking for the user name
url: http://git.0x539.de/?p=net6.git;a=commitdiff;h=84afca022f063f89bfcd4bb32b1ee911f555abf1;hp=ac61d7fb42a1f977fb527e024bede319c4a9e169

Trust: 0.8

title: Bug 727708
url: https://bugzilla.novell.com/show_bug.cgi?id=727708

Trust: 0.8

title: Oracle Solaris Third Party Bulletin - April 2015
url: http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

Trust: 0.8

title: Bug 750632
url: https://bugzilla.redhat.com/show_bug.cgi?id=750632

Trust: 0.8

title: Net6 information disclosure vulnerability patch
url: https://www.cnvd.org.cn/patchInfo/show/5746

Trust: 0.6

title: net6-1.3.14
url: http://123.124.177.30/web/xxk/bdxqById.tag?id=48216

Trust: 0.6

title: Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2015
url: https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=2a43c5799a7dd07d6c0a92a3b040d12f

Trust: 0.1

sources: CNVD: CNVD-2011-4618 // VULMON: CVE-2011-4091 // JVNDB: JVNDB-2011-005273 // CNNVD: CNNVD-201110-713

EXTERNAL IDS

db: NVD, id: CVE-2011-4091

Trust: 3.4

db: OPENWALL, id: OSS-SECURITY/2011/10/31/1

Trust: 1.7

db: JVNDB, id: JVNDB-2011-005273

Trust: 0.8

db: CNVD, id: CNVD-2011-4618

Trust: 0.6

db: OPENWALL, id: OSS-SECURITY/2011/10/30/3

Trust: 0.6

db: CNNVD, id: CNNVD-201110-713

Trust: 0.6

db: SECUNIA, id: 46698

Trust: 0.4

db: BID, id: 50442

Trust: 0.3

db: SECUNIA, id: 46605

Trust: 0.2

db: VULMON, id: CVE-2011-4091

Trust: 0.1

db: PACKETSTORM, id: 106452

Trust: 0.1

db: SECUNIA, id: 47433

Trust: 0.1

db: PACKETSTORM, id: 108403

Trust: 0.1

db: SECUNIA, id: 46988

Trust: 0.1

db: PACKETSTORM, id: 107292

Trust: 0.1

db: PACKETSTORM, id: 106438

Trust: 0.1

db: PACKETSTORM, id: 106445

Trust: 0.1

sources: CNVD: CNVD-2011-4618 // VULMON: CVE-2011-4091 // BID: 50442 // JVNDB: JVNDB-2011-005273 // PACKETSTORM: 106452 // PACKETSTORM: 108403 // PACKETSTORM: 107292 // PACKETSTORM: 106438 // PACKETSTORM: 106445 // CNNVD: CNNVD-201110-713 // NVD: CVE-2011-4091

REFERENCES

url:http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

Trust: 1.8

url:http://www.openwall.com/lists/oss-security/2011/10/31/1

Trust: 1.7

url:http://lists.opensuse.org/opensuse-updates/2012-01/msg00054.html

Trust: 1.7

url:https://bugzilla.novell.com/show_bug.cgi?id=727708

Trust: 1.7

url:http://lists.opensuse.org/opensuse-updates/2012-01/msg00044.html

Trust: 1.7

url:https://bugzilla.redhat.com/show_bug.cgi?id=750632

Trust: 1.7

url:http://git.0x539.de/?p=net6.git%3ba=commitdiff%3bh=84afca022f063f89bfcd4bb32b1ee911f555abf1%3bhp=ac61d7fb42a1f977fb527e024bede319c4a9e169

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4091

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4091

Trust: 0.8

url:http://seclists.org/oss-sec/2011/q4/197

Trust: 0.6

url:http://www.openwall.com/lists/oss-security/2011/10/30/3

Trust: 0.6

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.5

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.5

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.5

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.5

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.5

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.5

url:http://git.0x539.de/?p=net6.git;a=commitdiff;h=84afca022f063f89bfcd4bb32b1ee911f555abf1;hp=ac61d7fb42a1f977fb527e024bede319c4a9e169

Trust: 0.4

url:http://git.0x539.de/?p=net6.git;a=commitdiff;h=ac61d7fb42a1f977fb527e024bede319c4a9e169;hp=08c8e2261604c6fcbbaf62f9ae9d13f7015fcb9a

Trust: 0.3

url:http://www.0x539.de/projects.html

Trust: 0.3

url:http://secunia.com/products/corporate/vim/ovum_2011_request/

Trust: 0.3

url:http://secunia.com/advisories/46698/

Trust: 0.2

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=46698

Trust: 0.2

url:http://secunia.com/advisories/46698/#comments

Trust: 0.2

url:http://secunia.com/company/jobs/

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/287.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://hermes.opensuse.org/messages/13155294

Trust: 0.1

url:http://secunia.com/advisories/47433/

Trust: 0.1

url:https://hermes.opensuse.org/messages/13154695

Trust: 0.1

url:http://secunia.com/advisories/47433/#comments

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=47433

Trust: 0.1

url:http://lists.fedoraproject.org/pipermail/package-announce/2011-november/069822.html

Trust: 0.1

url:http://secunia.com/advisories/46988/#comments

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=46988

Trust: 0.1

url:http://secunia.com/advisories/46988/

Trust: 0.1

url:http://secunia.com/advisories/46605/

Trust: 0.1

url:http://secunia.com/advisories/46605/#comments

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=46605

Trust: 0.1

sources: CNVD: CNVD-2011-4618 // VULMON: CVE-2011-4091 // BID: 50442 // JVNDB: JVNDB-2011-005273 // PACKETSTORM: 106452 // PACKETSTORM: 108403 // PACKETSTORM: 107292 // PACKETSTORM: 106438 // PACKETSTORM: 106445 // CNNVD: CNNVD-201110-713 // NVD: CVE-2011-4091

CREDITS

Vasiliy Kulikov

Trust: 0.9

sources: BID: 50442 // CNNVD: CNNVD-201110-713

SOURCES

db: CNVD, id: CNVD-2011-4618
db: VULMON, id: CVE-2011-4091
db: BID, id: 50442
db: JVNDB, id: JVNDB-2011-005273
db: PACKETSTORM, id: 106452
db: PACKETSTORM, id: 108403
db: PACKETSTORM, id: 107292
db: PACKETSTORM, id: 106438
db: PACKETSTORM, id: 106445
db: CNNVD, id: CNNVD-201110-713
db: NVD, id: CVE-2011-4091

LAST UPDATE DATE

2024-08-14T14:40:23.644000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2011-4618, date: 2011-11-01T00:00:00
db: VULMON, id: CVE-2011-4091, date: 2018-10-30T00:00:00
db: BID, id: 50442, date: 2015-04-13T21:17:00
db: JVNDB, id: JVNDB-2011-005273, date: 2015-06-19T00:00:00
db: CNNVD, id: CNNVD-201110-713, date: 2023-02-14T00:00:00
db: NVD, id: CVE-2011-4091, date: 2023-02-13T04:32:43.717

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2011-4618, date: 2011-11-01T00:00:00
db: VULMON, id: CVE-2011-4091, date: 2014-02-10T00:00:00
db: BID, id: 50442, date: 2011-10-31T00:00:00
db: JVNDB, id: JVNDB-2011-005273, date: 2014-02-12T00:00:00
db: PACKETSTORM, id: 106452, date: 2011-10-31T03:59:25
db: PACKETSTORM, id: 108403, date: 2012-01-06T03:20:14
db: PACKETSTORM, id: 107292, date: 2011-11-26T01:20:50
db: PACKETSTORM, id: 106438, date: 2011-10-31T02:00:09
db: PACKETSTORM, id: 106445, date: 2011-10-31T03:45:03
db: CNNVD, id: CNNVD-201110-713, date: 1900-01-01T00:00:00
db: NVD, id: CVE-2011-4091, date: 2014-02-10T18:15:09.060