SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   WebIntelligence Vendors:   Business Objects
BusinessObjects Web Intelligence Lets Remote Users Lock Out Arbitrary Accounts
SecurityTracker Alert ID:  1015355
SecurityTracker URL:  http://securitytracker.com/id/1015355
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Dec 14 2005
Impact:   Denial of service via network
Vendor Confirmed:  Yes  
Version(s): 6.5x
Description:   A vulnerability was reported in BusinessObjects Web Intelligence. A remote user can cause denial of service conditions.

A remote user can trigger the account lockout mechanism to lock out arbitrary accounts on the target system, including administrative accounts.

Michael Kemp of Computer Sciences Corporation discovered this vulnerability.

Impact:   A remote user can lock out arbitrary user accounts.
Solution:   No solution was available at the time of this entry.

The vendor has provided the following workarounds [quoted]:

1 - Disable "the number of failed logins allowed" feature. Using this
solution, a remote attacker is unable to disable legitimate accounts. It
should be noted however, that with unlimited attempts at establishing
password details associated with legitimate accounts, the attacker can
potentially discover legitimate credentials.

2 - Use external authentication systems (Windows Authentication mode, or
SSO with Site Minder, LDAP, Active Directory).

The vendor has issued a Knowledge Base article (19915) available at [registration required]:

http://www.techsupport.businessobjects.com/

Vendor URL:  www.businessobjects.com/products/queryanalysis/webi.asp (Links to External Site)
Cause:   State error
Underlying OS:  UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000)

Message History:   None.


 Source Message Contents

Subject:  [Full-disclosure] Business Objects WebIntelligence 6.5x Account

This is a multipart message in MIME format.
--===============0890334702==
Content-Type: multipart/alternative;
	boundary="=_alternative 004699B2802570D7_="

This is a multipart message in MIME format.
--=_alternative 004699B2802570D7_=
Content-Type: text/plain; charset="US-ASCII"

Computer Sciences Corporation Security Advisory
December 14, 2005

Summary: 
CSC have discovered an issue that could impact upon the availability and 
security of servers operating Business Objects WebIntelligence software. 
If a remote malicious attacker is able to access authentication mechanisms 
(ordinarily through form input) they can lock out and effectively disable 
user accounts, including General Supervisor (admin) users leading to 
system unavailability. 

Business Impact: 
Successful exploitation of this issue could lead to system unavailability 
and significant loss of productivity. This attack requires limited 
knowledge of WebIntelligence default account details, and provided no 
additional changes have been made in configuration, high level (and vital) 
accounts can be disabled. By using automated brute force tools, a 
potential attacker can easily disable accounts associated with legitimate 
system users. 

Affected Product(s): 
Business Objects WebIntelligence 6.5x
(It should be noted that additional software may be affected and the 
vendor should be contacted for confirmation).

Remediation: 
The vendor has proposed a number of remediation strategies, namely:

1 - Disable "the number of failed logins allowed" feature. Using this 
solution, a remote attacker is unable to disable legitimate accounts. It 
should be noted however, that with unlimited attempts at establishing 
password details associated with legitimate accounts, the attacker can 
potentially discover legitimate credentials.

2 - Use external authentication systems (Windows Authentication mode, or 
SSO with Site Minder, LDAP, Active Directory). 

Business Objects have also published a Knowledge Base article referencing 
this issue with the ID of 19915. This Knowledge Base article is available 
via the vendor support portal at: 
http://www.techsupport.businessobjects.com/

Credit:
This vulnerability was discovered by Michael Kemp of CSC (Computer 
Sciences Corporation).

-------------

This document is not to be edited or altered in any way without the 
express written consent of CSC. You may provide links to this document 
from web sites or mailing lists, and you may make copies of this document 
in accordance with the fair use doctrine of the U.S. copyright laws. 

Disclaimer: The information contained in this document may change without 
notice. There are NO warranties, implied or otherwise, with regard to this 
information or its use. In no event shall the author/distributor (CSC) be 
held liable for any damages arising out of or in connection with the use 
or spread of this information. 

-------------

About CSC
Founded in 1959, Computer Sciences Corporation is a leading global 
information technology (IT) services company. CSC's mission is to provide 
customers in industry and government with solutions crafted to meet their 
specific challenges and enable them to profit from the advanced use of 
technology.

With approximately 78,000 employees, CSC provides innovative solutions for 
customers around the world by applying leading technologies and CSC's own 
advanced capabilities. These include systems design and integration; IT 
and business process outsourcing; applications software development; Web 
and application hosting; and management consulting. Headquartered in El 
Segundo, Calif., CSC reported revenue of $14.5 billion for the 12 months 
ended Sept. 30, 2005. For more information, visit the company's Web site 
at www.csc.com

Copyright (c) 2005, Computer Sciences Corporation


--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
This is a PRIVATE message. If you are not the intended recipient, please 
delete without copying and kindly advise us by e-mail of the mistake in 
delivery. NOTE: Regardless of content, this e-mail shall not operate to 
bind CSC to any order or other contract unless pursuant to explicit 
written agreement or government initiative expressly permitting the use of 
e-mail for such purpose.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

--=_alternative 004699B2802570D7_=
Content-Type: text/html; charset="US-ASCII"


<br><font size=2 face="CourierPS">Computer Sciences Corporation Security
Advisory</font>
<br><font size=2 face="CourierPS">December 14, 2005</font>
<br>
<br><font size=2 face="CourierPS">Summary: </font>
<br><font size=2 face="CourierPS">CSC have discovered an issue that could
impact upon the availability and security of servers operating Business
Objects WebIntelligence software. If a remote malicious attacker is able
to access authentication mechanisms (ordinarily through form input) they
can lock out and effectively disable user accounts, including General Supervisor
(admin) users leading to system unavailability. &nbsp;</font>
<br>
<br><font size=2 face="CourierPS">Business Impact: </font>
<br><font size=2 face="CourierPS">Successful exploitation of this issue
could lead to system unavailability and significant loss of productivity.
This attack requires limited knowledge of WebIntelligence default account
details, and provided no additional changes have been made in configuration,
high level (and vital) accounts can be disabled. By using automated brute
force tools, a potential attacker can easily disable accounts associated
with legitimate system users. </font>
<br>
<br><font size=2 face="CourierPS">Affected Product(s): </font>
<br><font size=2 face="CourierPS">Business Objects WebIntelligence 6.5x</font>
<br><font size=2 face="CourierPS">(It should be noted that additional software
may be affected and the vendor should be contacted for confirmation).</font>
<br>
<br><font size=2 face="CourierPS">Remediation: </font>
<br><font size=2 face="CourierPS">The vendor has proposed a number of remediation
strategies, namely:</font>
<br>
<br><font size=2 face="CourierPS">1 - Disable &quot;the number of failed
logins allowed&quot; feature. Using this solution, a remote attacker is
unable to disable legitimate accounts. It should be noted however, that
with unlimited attempts at establishing password details associated with
legitimate accounts, the attacker can potentially discover legitimate credentials.</font>
<br>
<br><font size=2 face="CourierPS">2 - Use external authentication systems
(Windows Authentication mode, or SSO with Site Minder, LDAP, Active Directory).
</font>
<br>
<br><font size=2 face="CourierPS">Business Objects have also published
a Knowledge Base article referencing this issue with the ID of 19915. This
Knowledge Base article is available via the vendor support portal at: http://www.techsupport.businessobjects.com/</font>
<br>
<br><font size=2 face="CourierPS">Credit:</font>
<br><font size=2 face="CourierPS">This vulnerability was discovered by
Michael Kemp of CSC (Computer Sciences Corporation).</font>
<br>
<br><font size=2 face="CourierPS">-------------</font>
<br>
<br><font size=2 face="CourierPS">This document is not to be edited or
altered in any way without the express written consent of CSC. You may
provide links to this document from web sites or mailing lists, and you
may make copies of this document in accordance with the fair use doctrine
of the U.S. copyright laws. </font>
<br>
<br><font size=2 face="CourierPS">Disclaimer: The information contained
in this document may change without notice. There are NO warranties, implied
or otherwise, with regard to this information or its use. In no event shall
the author/distributor (CSC) be held liable for any damages arising out
of or in connection with the use or spread of this information. </font>
<br>
<br><font size=2 face="CourierPS">-------------</font>
<br>
<br><font size=2 face="CourierPS">About CSC</font>
<br><font size=2 face="CourierPS">Founded in 1959, Computer Sciences Corporation
is a leading global information technology (IT) services company. CSC's
mission is to provide customers in industry and government with solutions
crafted to meet their specific challenges and enable them to profit from
the advanced use of technology.</font>
<br>
<br><font size=2 face="CourierPS">With approximately 78,000 employees,
CSC provides innovative solutions for customers around the world by applying
leading technologies and CSC's own advanced capabilities. These include
systems design and integration; IT and business process outsourcing; applications
software development; Web and application hosting; and management consulting.
Headquartered in El Segundo, Calif., CSC reported revenue of $14.5 billion
for the 12 months ended Sept. 30, 2005. For more information, visit the
company's Web site at www.csc.com</font>
<br>
<br><font size=2 face="CourierPS">Copyright (c) 2005, Computer Sciences
Corporation</font><font size=2 face="sans-serif"><br>
<br>
<br>
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------<br>
This is a PRIVATE message. If you are not the intended recipient, please
delete without copying and kindly advise us by e-mail of the mistake in
delivery. NOTE: Regardless of content, this e-mail shall not operate to
bind CSC to any order or other contract unless pursuant to explicit written
agreement or government initiative expressly permitting the use of e-mail
for such purpose.<br>
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------<br>
</font>
--=_alternative 004699B2802570D7_=--

--===============0890334702==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--===============0890334702==--

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC