[VulnWatch] Re: NetObserve Security Bypass Vulnerability

From: Peter Winter-Smith (peter4020_at_hotmail.com)
Date: 12/31/03

• Previous message: Marukka: "[VulnWatch] Local Denial Of Service Attack Against Apple MacOS X, MacOS X Server, and Darwin."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: bugs@securitytracker.com, bugtraq@securityfocus.com, news@securiteam.com, vuln@secunia.com, vuln@security.nnov.ru, vulndb@securityfocus.com, vulnwatch@vulnwatch.org
Date: Wed, 31 Dec 2003 00:52:31 +0000

Re: NetObserve Security Bypass Vulnerability

############################################

Credit:
Author : Peter Winter-Smith

Software:
Packages : NetObserve
Version : 2.0 and prior
Vendor : ExploreAnywhere Software
Vendor Url : http://www.exploreanywhere.com/no-intro.php

Vulnerability:
Bug Type : Security Bypass
Severity : Highly Critical
              + Remote System Command Via NetObserve

UPDATE:

I may have been a little unclear in my description of the
exploitability of this flaw. It seems that I interchanged the words
'administrator' and 'remote user' giving the impression that only a
current'user' of the administration panel can compromise the system
through these flaws. In actual fact it is possible to compromise a system
running NetObserve without being any kind of authenticated user or
administrator!

I thought I should mention this because it has been labelled as only
exploitable by current users of the NetObserve system, which is
technically incorrect - anyone can exploit it :-)

The complete document on this flaw can be found at:
http://www.elitehaven.net/netobserve.txt

Thanks to you all for the tireless effort and research work which you
put into the security community!

-Peter Winter-Smith

_________________________________________________________________
Tired of 56k? Get a FREE BT Broadband connection
http://www.msn.co.uk/specials/btbroadband

• Previous message: Marukka: "[VulnWatch] Local Denial Of Service Attack Against Apple MacOS X, MacOS X Server, and Darwin."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages NetObserve Security Bypass Vulnerability ... NetObserve Security Bypass Vulnerability ... NetObserve is extremely persistant when trying to ensure that any remote ... user issuing commands to the server is properly authenticated. ... (Bugtraq) [VulnWatch] NetObserve Security Bypass Vulnerability ... NetObserve Security Bypass Vulnerability ... NetObserve is extremely persistant when trying to ensure that any remote ... user issuing commands to the server is properly authenticated. ... (VulnWatch)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint