Vulnerabilities > CVE-2002-0236 - Unspecified vulnerability in Lucent products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

lucent

nessus

exploit available

NVD

Published: 2002-05-29

Updated: 2024-11-20

Summary

Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and VitalHelp/VitalAnalysis, allows remote attackers to bypass authentication via a direct HTTP request to the VsSetCookie.exe program, which returns a valid cookie for the desired user.

Vulnerable Configurations

Part	Description	Count
Application	Lucent Lucent Vitalevent 8.0 Lucent Vitalevent 8.1 Lucent Vitalevent 8.2 Lucent Vitalsuite 8.0 Lucent Vitalsuite 8.2 Lucent Vitalsuite 8.1 Lucent Vitalnet 8.0 Lucent Vitalnet 8.1 Lucent Vitalnet 8.2 Lucent Vitalanalysis 8.0 Lucent Vitalanalysis 8.1 Lucent Vitalanalysis 8.2 Lucent Vitalhelp 8.2 Lucent Vitalhelp 8.0 Lucent Vitalhelp 8.1	15

Exploit-Db

description	Lucent 8.x VitalNet Password Authentication Bypass Vulnerability. CVE-2002-0236. Remote exploit for windows platform
id	EDB-ID:21203
last seen	2016-02-02
modified	2002-01-16
published	2002-01-16
reporter	Mark Cooper
source	https://www.exploit-db.com/download/21203/
title	Lucent 8.x VitalNet Password Authentication Bypass Vulnerability

Nessus

NASL family	CGI abuses
NASL id	VSSETCOOKIE.NASL
description	The VsSetCookie.exe CGI exists on the remote web server. Some versions of this file have an unauthorized access vulnerability. Making a request similar to : http://www.example.com/cgi-bin/VsSetCookie.exe?vsuser=<user_name> will result in full access if a valid username is provided. Please note Nessus solely relied on the existence of this CGI in reporting this vulnerability.
last seen	2020-06-01
modified	2020-06-02
plugin id	11731
published	2003-06-11
reporter	This script is Copyright (C) 2003-2018 John Lampe
source	https://www.tenable.com/plugins/nessus/11731
title	Lucent VitalNet VsSetCookie.exe Unauthorized Access
code	# # This script was written by John [email protected] # # See the Nessus Scripts License for details # # Changes by Tenable: # - Revised plugin title (4/9/2009) include("compat.inc"); if (description) { script_id(11731); script_version("1.26"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/12"); script_cve_id("CVE-2002-0236"); script_bugtraq_id(3784); script_name(english:"Lucent VitalNet VsSetCookie.exe Unauthorized Access"); script_summary(english:"Checks for the VsSetCookie.exe file"); script_set_attribute(attribute:"synopsis", value: "A web application on the remote host has an unauthorized access vulnerability."); script_set_attribute(attribute:"description", value: "The VsSetCookie.exe CGI exists on the remote web server. Some versions of this file have an unauthorized access vulnerability. Making a request similar to : http://www.example.com/cgi-bin/VsSetCookie.exe?vsuser=<user_name> will result in full access if a valid username is provided. Please note Nessus solely relied on the existence of this CGI in reporting this vulnerability."); script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2002/Feb/60"); script_set_attribute(attribute:"solution", value:"Contact the vendor for a patch."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2002/01/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2003/06/11"); script_set_attribute(attribute:"potential_vulnerability", value:"true"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2003-2020 John Lampe"); script_family(english:"CGI abuses"); script_dependencie("http_version.nasl"); script_exclude_keys("Settings/disable_cgi_scanning"); script_require_keys("Settings/ParanoidReport"); script_require_ports("Services/www", 80); exit(0); } include("audit.inc"); include("global_settings.inc"); include("http_func.inc"); include("http_keepalive.inc"); if (report_paranoia < 2) audit(AUDIT_PARANOID); port = get_http_port(default:80, embedded:TRUE); flag = 0; directory = ""; foreach dir (cgi_dirs()) { u = string(dir, "/VsSetCookie.exe"); if(is_cgi_installed_ka(item: u, port:port)) { report = '\n'+build_url(qs:u, port:port)+' was found.\n'; security_hole(port:port, extra:report); break; } }

Summary

Vulnerable Configurations

Exploit-Db

Nessus

References