[NEWS] Dangerous Information Recorded in CentraOne Log Files
From: support@securiteam.com
Date: 12/21/01
From: support@securiteam.com To: list@securiteam.com Date: Fri, 21 Dec 2001 13:25:48 +0100 (CET)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
Dangerous Information Recorded in CentraOne Log Files
------------------------------------------------------------------------
SUMMARY
A security vulnerability in
<http://www.centra.com/products/centraone.asp> CentraOne could allow
users with access to its log files to obtain sensitive information. The
log files are not protected by security settings by default, nor
encrypted in any serious form (the password is encoded in Base64).
This allows local users to gain enough information about the accessing
user to successfully impersonate him.
DETAILS
Centra is a Web-based product designed to facilitate e-learning and
collaboration. By default, when the application is launched, several log
files are created within one of the application's sub-directories. These
log files are not protected and contain sensitive information about the
user, his/her machine and the connected network, including the proxy
server name, port, exception list and a Base64-encoded username / password
string. Base64 is not an encryption method and it is, therefore, trivial
to decode the clear text username and password.
This information could easily be used, by both internal and external
users, to successfully launch an impersonation attack on related systems
participating in the user's network. Centra technical support frequently
requests that these files be e-mailed, and external facing devices such as
remote access devices and secure web sites typically use the same
username / password combination.
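An added example (not part of the original advisory and not Centra's code): a Python filter that redacts Base64 tokens decoding to a username:password pair before a log file is shared, for instance when it is e-mailed to support. The log lines are constructed samples, and the user:password layout of the decoded string is an assumption, since the advisory does not give the exact log format.

```python
import base64
import binascii
import re

# Runs of Base64 alphabet long enough to hold a short "user:password" pair.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{8,}={0,2}")
MARK = "[REDACTED-CREDENTIAL]"

def decodes_to_credentials(token: str) -> bool:
    """True if token is strict Base64 whose plaintext looks like user:password."""
    if len(token) % 4:
        return False
    try:
        text = base64.b64decode(token, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return False
    user, sep, password = text.partition(":")
    return bool(sep and user and password) and text.isprintable()

def redact_line(line: str):
    """Return (line with credential tokens replaced, number of replacements)."""
    hits = 0
    def replace(match):
        nonlocal hits
        if decodes_to_credentials(match.group(0)):
            hits += 1
            return MARK
        return match.group(0)
    return B64_TOKEN.sub(replace, line), hits

def redact_log(lines):
    """Return (cleaned lines, 1-based numbers of the lines that were changed)."""
    cleaned, flagged = [], []
    for number, line in enumerate(lines, start=1):
        new_line, hits = redact_line(line)
        cleaned.append(new_line)
        if hits:
            flagged.append(number)
    return cleaned, flagged

# Constructed sample, not real CentraOne output: proxy host, port, exception
# list and an encoded credential, the kinds of data the advisory lists.
SAMPLE_SECRET = base64.b64encode(b"jdoe:Winter2001").decode()
SAMPLE_LOG = [
    "proxy host=proxy.example.internal port=8080",
    "proxy exceptions=*.example.internal;localhost",
    f"proxy auth={SAMPLE_SECRET}",
]
```

Calling redact_log(SAMPLE_LOG) leaves the host, port and exception lines untouched and replaces only the encoded credential. A flagged line also means the password it held should be changed, since redaction does not help copies already sent.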
ADDITIONAL INFORMATION
The information has been provided by <mailto:zedfly@HUSHMAIL.COM> zedfly.