
List:       bugtraq
Subject:    [Information Disclosure] NetForce v4.02 Sends NIS Password Maps
From:       bambenek () gmail ! com
Date:       2005-10-01 1:41:33
Message-ID: 20051001014133.11786.qmail () securityfocus ! com

Vendor: Procom Technology, Inc.
Product: NetFORCE 800, v 4.02 M10 (Build 20)
Other Versions Vulnerable: unknown, vendor’s website sucks so I can’t tell
Vulnerability type: Information disclosure
Severity: Medium

* Software Information
  --------------------
  Model          : NetFORCE 800
  Version        : 4.02 M10 (Build 20)
  Vendor         : Procom Technology, Inc.

Description:

NetFORCE’s operating system on the NAS includes the ability to send a diagnostic
e-mail with a wealth of information to the technician to be able to diagnose problems
without providing direct remote access.  This diagnostic email includes output from
various programs, statistical reports, and several file attachments.

One of these file attachments (passwd.nis) includes the NIS password map of any
domain it is bound to, happily sending the entire domain’s fscking password hashes in
the clear across the Internet over sendmail.  This doesn’t impact you if you don’t
use NIS, as the other files that include user information “blank” out the password
information.

NetFORCE sold its intellectual property to Sun and Sun uses the same systems to base
their NAS solution off of.  Because the NetFORCE website no longer has software
versioning information, it is not possible to test on other versions or determine
which versions are or are not vulnerable.
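
Added example (not part of the original advisory and not vendor code): a check an administrator could run over a captured copy of the diagnostic e-mail to see which attachments carry passwd-format lines with a non-blank password field. The attachment name "passwd", the list of blank markers and the sample accounts are assumptions constructed for illustration; only "passwd.nis" comes from the advisory.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: second-field values that mean "no hash stored here".
BLANK_MARKERS = {"", "x", "*", "!", "*LK*", "NP"}

def passwd_hash_lines(text):
    """Return account names whose passwd-format line has a non-blank password field."""
    exposed = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        # passwd / NIS passwd map layout: name:passwd:uid:gid:gecos:home:shell
        if len(fields) != 7 or not (fields[2].isdigit() and fields[3].isdigit()):
            continue
        if fields[1] not in BLANK_MARKERS:
            exposed.append(fields[0])
    return exposed

def audit_message(raw_bytes):
    """Map attachment filename -> accounts whose hashes are present in that attachment."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        payload = part.get_content()
        if isinstance(payload, bytes):  # attachments sent as application/octet-stream
            payload = payload.decode("utf-8", errors="replace")
        names = passwd_hash_lines(payload)
        if names:
            findings[part.get_filename() or "(unnamed)"] = names
    return findings

def build_sample():
    """Constructed diagnostic mail: one blanked passwd file, one NIS map with hash fields."""
    m = EmailMessage()
    m["Subject"] = "diagnostic report (constructed sample)"
    m.set_content("diagnostic output follows")
    m.add_attachment("root:x:0:0:root:/root:/bin/sh\n"
                     "alice:x:1001:100:Alice:/home/alice:/bin/sh\n",
                     filename="passwd")
    m.add_attachment("alice:CONSTRUCTED-HASH-1:1001:100:Alice:/home/alice:/bin/sh\n"
                     "bob:CONSTRUCTED-HASH-2:1002:100:Bob:/home/bob:/bin/sh\n",
                     filename="passwd.nis")
    return m.as_bytes()

if __name__ == "__main__":
    for name, accounts in audit_message(build_sample()).items():
        print(f"{name}: password field populated for {len(accounts)} account(s)")
```
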

