Tridium Niagara AX Web Server Multiple Vulnerabilities

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote host is running a web server that is affected by multiple
vulnerabilities.

Description :

The remote host is running a version of Tridium Niagara AX Web Server
that is affected by multiple vulnerabilities :

- A directory traversal vulnerability exists that allows access to a
  file that stores login usernames and passwords. (CVE-2012-4027)

- The system insecurely stores user authentication credentials in
  'config.bog'. (CVE-2012-4028)

- Usernames and passwords are stored in plaintext via Base64 encoding
  in client side cookies. (CVE-2012-3025)

- The software generates predictable session IDs. (CVE-2012-3024)

See also :

http://www.nessus.org/u?561bd68d

Solution :

Apply the applicable security patch per the vendor's advisory.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:N)
CVSS Temporal Score : 5.9
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 67144

Bugtraq ID: 54454, 55042, 61740, 61741

CVE ID: CVE-2012-3024, CVE-2012-3025, CVE-2012-4027, CVE-2012-4028