[Full-Disclosure] Power Quest Deploy Center 5.5 boot disks
From: opticfiber (no email)
Date: 08/27/04
- Previous message: Donato Ferrante: "[Full-Disclosure] DoS in Chat Anywhere 2.72a"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <full-disclosure@lists.netsys.com> Date: Fri, 27 Aug 2004 6:49:37 -0000
A vulnerability has been found in power quest deploy center 5.5 boot disks.
Normally when creating a PQDI network boot disk, the administrator has the
option to have the machine login to a domain controller to access a shared
resource. Besides the authentication method using lm (insecure), a buffer
overflow exists in stuffit.com.
Stuffit.com is the control mechanism that allows the power quest boot disk
to decode/decrypt stored password(s) in stuffit.dat. A typical line in the
disks autoexec.bat file looks like: stuffit /f:stuffit.dat , this loads the
stored password resident in memory. However, if this same command is
repeated 4 or more times at the command prompt the program overflows,
actually printing the clear text password right on the command prompt.
William Reyor
Topsight.net
________________________________________________
This mail was sent by UebiMiau 2.5
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Donato Ferrante: "[Full-Disclosure] DoS in Chat Anywhere 2.72a"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
