what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Trend Micro Credential Leak

Trend Micro Credential Leak
Posted Feb 9, 2009
Authored by David Vorel

Trend Micro IWSVA / IWSS suffers from an authorization module password leak vulnerability.

tags | advisory
SHA-256 | 20af7f21fbe2aa34980e1ed5e9f4f181d9b7fea9d006951eef0db319dcff0126

Trend Micro Credential Leak

Change Mirror Download
There is possbile get username and password from "Proxy-Authorization" header, which is not correctly removed when authorization header sends WMP.

Requirements:

- IWSVA/IWSS basic authorization on
- Client is using WMP (8-11) as video player
- Standalone proxy (if upstream proxy is used, "Proxy-Authorization" header is removed by this upstream proxy)

Bug:

WMP sends authorization header in this format:

Proxy-Authorization: basic =xxxxxxxxxx

In that case IWSVA/IWSS extract correct authorization information, but it does not remove this Proxy-Authorization header. (it seems because of lovercase "b" in basic, even if IWSVA/IWSS knows, that this is authorization header and can extract correct username/password).


Scenario:

Some "bad" guy knows, that company XY use IWSVA/IWSS and basic authorization, so he sends them url with prepared video stream (whatever format for WMP) and waits for users access. When user access this url, "bad" guy gets whole "Proxy-Authorization" header which contains also base64 hash with username/password.


Happy pentesting..
Login or Register to add favorites

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    16 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close