[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200304291621.h3TGLOoK007055@mailout.syss.de>
Date: Tue, 29 Apr 2003 18:02:19 +0200
From: Kroma Pierre <kroma@...s.de>
To: bugtraq@...urityfocus.com
Subject: Auerswald COMsuite/ Back Door
------------------------------------------------------------------------
SySS-Advisory: Auerswald COMsuite/ Back Door
DATE: April 16th 03 (Published 29th April 03)
AUTHOR: Sebastian Schreiber <Schreiber@...S.de>
SySS GmbH
72070 Tübingen / Germany
Tel.: +49-7071-407856-0
AFFECTED SYSTEMS:
Auerswald COMsuite CTI ControlCenter 3,1,2001,6
(also known as: 3.1 06/2001)
(see: www.auerswald.de)
DESCRIPTION:
If you install the CTI applicaton "Auerswald
COMsuite CTI Control Center" a user "runasositron"
is created. The user's password is known by SySS and
very easy to guess (using L0phtCrack for example).
IMPACT: This account can be used locally and remotely to
access the Windows PC on which COMsuite is installed.
WORKAROUND: Deactivate the user. CTI still works.
VENDOR STATUS: Auerswald has been contacted on April 15th 2003.
Auerswald told me that deactivating the
account might disable fax/voice mail if nobody
is logged on.
Best regards,
Dipl.-Inform. Pierre Kroma
Security Consultant
========================================================
SySS GmbH
72070 Tübingen
Germany
Voice: ++49 7071-407856-0
mailto: Kroma@...s.de
Key fingerprint = 927A B13E 16F5 BBAB 8F17 75EB D8E1 A9A4 F257 4EEC
Powered by blists - more mailing lists