[NEWS] Pointsec for PalmOS PIN Disclosure

From: support@securiteam.com
To: list@securiteam.com
Date: Tue,  7 May 2002 20:08:00 +0200 (CEST)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com

Pointsec for PalmOS PIN Disclosure
------------------------------------------------------------------------

SUMMARY

Pointsec (http://www.pointsec.com/) software for PalmOS stores its
authentication credentials in clear text in memory. These credentials (the
PIN code) can be retrieved in a few seconds once the Palm device has been
authenticated.

DETAILS

Vulnerable systems:
 - Pointsec for PalmOS version 1.0
 - Pointsec for PalmOS version 1.1

Immune systems:
 - Pointsec for PalmOS version 1.2

The Pointsec software for PalmOS uses a PIN code to unlock the Palm
device. This PIN code is stored in clear-text in the memory of the Palm
device.

The PIN code can be extracted by dumping the memory of the device once the
user has authenticated. The extraction only takes a few seconds.

The Pointsec software can be configured to time out after a given period,
forcing re-entry of the PIN code. However, this period is most likely
longer than the time a malicious user needs to steal the Palm and extract
the PIN, thus giving him access to all the data on the Palm.
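The following C program is an added illustration of the design flaw described above and of the usual fix; it is not Pointsec code and does not reproduce any Pointsec internals. All structure and function names (vuln_state, safe_state, vuln_unlock, safe_unlock, pin_verifier) are hypothetical, the PIN "4711" and the salt are constructed sample values, and the iterated FNV-1a "verifier" is a stand-in for a real slow KDF so that the example builds without a crypto library. It puts the two designs side by side: one keeps the entered PIN resident in the unlock state after authentication (so a dump of that state contains it), the other keeps only a salted verifier and wipes the entry buffer with a volatile store loop that the compiler cannot elide. The image_contains check is the kind of self-test a product team can run over its own state structures to confirm the credential no longer survives authentication.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define PIN_MAX 8

/* Hypothetical vulnerable layout: the PIN itself stays resident after unlock. */
struct vuln_state {
    int  unlocked;
    char pin[PIN_MAX + 1];
};

/* Hypothetical hardened layout: only a salted verifier is kept, never the PIN. */
struct safe_state {
    int      unlocked;
    uint64_t salt;
    uint64_t verifier;
};

/* Wipe through a volatile pointer so the compiler cannot drop the stores. */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Constant-time equality of two 64-bit values: 1 if equal, 0 otherwise. */
static int ct_eq64(uint64_t a, uint64_t b) {
    uint64_t d = a ^ b;
    d |= d >> 32; d |= d >> 16; d |= d >> 8; d |= d >> 4; d |= d >> 2; d |= d >> 1;
    return (int)(1 - (d & 1));
}

/* Iterated salted FNV-1a: a placeholder for a real slow KDF (PBKDF2/Argon2).
 * Used here only so the example runs stand-alone; not a production verifier. */
static uint64_t pin_verifier(const char *pin, uint64_t salt) {
    uint64_t h = 0xcbf29ce484222325ULL ^ salt;
    for (int round = 0; round < 1000; round++) {
        for (const char *c = pin; *c; c++) {
            h ^= (unsigned char)*c;
            h *= 0x100000001b3ULL;
        }
        h ^= salt;
        h *= 0x100000001b3ULL;
    }
    return h;
}

/* Vulnerable flow: copy the entered PIN into the state and compare in clear text. */
static int vuln_unlock(struct vuln_state *s, const char *entered, const char *stored_pin) {
    strncpy(s->pin, entered, PIN_MAX);
    s->pin[PIN_MAX] = 0;
    s->unlocked = (strcmp(s->pin, stored_pin) == 0);
    return s->unlocked;
}

/* Hardened flow: derive, compare against the stored verifier, wipe the entry buffer. */
static int safe_unlock(struct safe_state *s, char *entered) {
    uint64_t v = pin_verifier(entered, s->salt);
    s->unlocked = ct_eq64(v, s->verifier);
    secure_zero(entered, strlen(entered));   /* the PIN does not outlive this call */
    return s->unlocked;
}

/* Scan a memory image (as a dump would be scanned) for the bytes of `needle`. */
static int image_contains(const unsigned char *img, size_t len, const char *needle) {
    size_t n = strlen(needle);
    if (n == 0 || n > len) return 0;
    for (size_t i = 0; i + n <= len; i++)
        if (memcmp(img + i, needle, n) == 0) return 1;
    return 0;
}

/* Unlock both designs with the constructed PIN "4711" and dump each state.
 * Returns 1 when both unlock, the vulnerable image still holds the PIN and the
 * hardened image (state plus entry buffer) does not. */
static int demo(void) {
    const char *pin = "4711";                               /* constructed sample */
    struct vuln_state vs = {0};
    struct safe_state ss = { .unlocked = 0, .salt = 0x5eed5eed5eed5eedULL };
    ss.verifier = pin_verifier(pin, ss.salt);               /* enrolment step */

    char entry[PIN_MAX + 1];
    strcpy(entry, pin);
    int ok_v = vuln_unlock(&vs, entry, pin);
    strcpy(entry, pin);
    int ok_s = safe_unlock(&ss, entry);

    int leak_v = image_contains((const unsigned char *)&vs, sizeof vs, pin);
    int leak_s = image_contains((const unsigned char *)&ss, sizeof ss, pin)
              || image_contains((const unsigned char *)entry, sizeof entry, pin);
    return ok_v && ok_s && leak_v && !leak_s;
}

/* Wrong PIN against the hardened design: must fail and must still wipe the buffer. */
static int demo_wrong_pin(void) {
    struct safe_state ss = { .unlocked = 0, .salt = 0x5eed5eed5eed5eedULL };
    ss.verifier = pin_verifier("4711", ss.salt);
    char entry[PIN_MAX + 1] = "4712";
    int ok = safe_unlock(&ss, entry);
    return !ok && entry[0] == 0 && entry[3] == 0;
}

int main(void) {
    printf("vulnerable design leaks PIN, hardened does not: %s\n", demo() ? "yes" : "no");
    printf("wrong PIN rejected and buffer wiped: %s\n", demo_wrong_pin() ? "yes" : "no");
    return 0;
}
```

The point of the check is that the test is on the memory image, not on the code path: a plain memset before return is exactly the kind of store a compiler removes as dead, which is why the wipe goes through a volatile pointer, and why the verification is on what the dump contains rather than on what the source appears to do.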

Vendor response:
The vendor was contacted about the first issue on the 13th of February,
2002. We received a new version of Pointsec for PalmOS on the 18th of May
which corrected this specific issue.

Corrective action:
Upgrade to Pointsec for PalmOS version 1.2, which is available from
Pointsec.

ADDITIONAL INFORMATION

The information has been provided by Laurens Binken <binken.laurens@kpmg.nl>.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

========================================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.