Vulnerabilities > CVE-2009-2357 - Configuration vulnerability in Yasinkaplan Tekradius 3.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The default configuration of TekRADIUS 3.0 uses the sa account to communicate with Microsoft SQL Server, which makes it easier for remote attackers to obtain privileged access to the database and the underlying Windows operating system.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Seebug
| bulletinFamily | exploit |
| description | CVE(CAN) ID: CVE-2009-2357,CVE-2009-2358,CVE-2009-2359 TekRadius是一个免费的RADIUS服务器,可以支持RFC 2865和RFC 2866规范。 1) TekRADIUS的默认配置使用sa账号与Microsoft SQL Server通讯,远程攻击者可以相对较容易的获得对数据库的特权访问。 2) TekRADIUS将数据库凭据存储在了C:\Program Files\TekRADIUS\TekRADIUS.ini文件中。任何Windows本地用户都可以访问这个文件,读取加密了的凭据。 3) 可通过GUI或命令行客户端管理TekRADIUS。根据设计,非特权Windows用户仅有有限的功能以防范某些更改。但如果用户在对话框或命令行中提及了恶意参数请求,就可以通过SQL注入攻击对数据库执行非授权操作。 Yasin KAPLAN TekRADIUS 3.0 厂商补丁: Yasin KAPLAN ------------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.tekradius.com/ |
| id | SSV:11784 |
| last seen | 2017-11-19 |
| modified | 2009-07-10 |
| published | 2009-07-10 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-11784 |
| title | TekRADIUS SQL注入及不安全权限漏洞 |