
List:       ntbugtraq
Subject:    Dangerous information in CentraOne Log files,
From:       zedfly () HUSHMAIL ! COM
Date:       2001-12-17 14:17:05

-----BEGIN PGP SIGNED MESSAGE-----

Vendor Contacted:       12/7/01
Date Published: 12/17/01
Bugtraq ID:     -
CVE CAN:        -
Title:  Dangerous information being recorded in CentraOne Log files, possible user impersonation
Severity:       Medium
Remote Exploit: No
Local Exploit:  Yes

Vulnerability Description:
Centra is a Web-based product designed to facilitate e-learning and collaboration.
By default, when the application is launched, several log files are created within
one of the application's sub-directories.  These log files are not protected and
contain sensitive information about the user, his/her machine and the connected
network; including the proxy server name, port, exception list and a base64 encoded
username / password string.  Base64 is not an encryption method and it is, therefore,
trivial to decode the clear text username and password.

This information could easily be used, by both internal and external users, to
successfully launch an impersonation attack on related systems participating in the
user's network.  Centra technical support frequently requests that these files be
e-mailed, and external facing devices such as remote access devices and secure web
sites typically use the same username / password combination.

Solution/Vendor Information/Workaround:
Vendor contacted on 12/7/01.  Having received no response by 12/17, vulnerability published.
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wlsEARECABsFAjwd/fsUHHplZGZseUBodXNobWFpbC5jb20ACgkQUqpz3LoqFkkFdwCf
ROqyi8jce6/+Lt8QVQiYOdTwYL4An2j18u14T/dJ4ld9ybsg12gWBVxy
=MAoN
-----END PGP SIGNATURE-----
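
One mitigation for the support e-mail exposure described in the advisory is to scrub log files before they leave the machine. The following is an added example, not part of the original advisory and not Centra code: it replaces any Base64 token that decodes to a `user:password` string. The `user:password` layout, the key names and the sample log are assumptions, since the advisory does not show the log format.

```python
import base64
import binascii
import re

# Candidate Base64 tokens: 8+ alphabet characters plus optional padding.
B64_TOKEN = re.compile(r"(?<![A-Za-z0-9+/])[A-Za-z0-9+/]{8,}={0,2}(?![A-Za-z0-9+/=])")
PLACEHOLDER = "[REDACTED-BASE64-CREDENTIAL]"


def decodes_to_credential(token: str) -> bool:
    """True if token is valid Base64 whose plaintext looks like 'user:password'."""
    if len(token) % 4:
        return False
    try:
        plain = base64.b64decode(token, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return False
    user, sep, password = plain.partition(":")
    return bool(sep and user and password) and plain.isprintable()


def redact_log(text: str) -> tuple[str, int]:
    """Return (scrubbed_text, number_of_tokens_redacted)."""
    hits = 0

    def _replace(match: re.Match) -> str:
        nonlocal hits
        if decodes_to_credential(match.group(0)):
            hits += 1
            return PLACEHOLDER
        return match.group(0)

    return B64_TOKEN.sub(_replace, text), hits


# Constructed sample: the advisory does not show the real log layout, so the
# key names, host and account below are hypothetical.
ENCODED_CRED = base64.b64encode(b"jsmith:ExamplePass1!").decode("ascii")
SAMPLE_LOG = (
    "proxy.host=proxy.example.internal\n"
    "proxy.port=8080\n"
    "proxy.exceptions=*.example.internal;localhost\n"
    f"proxy.auth={ENCODED_CRED}\n"
    "client.build=ABCDEFGH12345678\n"
)

if __name__ == "__main__":
    scrubbed, count = redact_log(SAMPLE_LOG)
    print(scrubbed)
    print(f"{count} credential token(s) redacted")
```

A non-zero count is also a signal that the credential has already been written to disk in recoverable form and should be changed.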
