lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20050222091943.GM76018@DAPCVA.da>
Date: Tue, 22 Feb 2005 10:19:43 +0100
From: Vincent Archer <var@...y-all.com>
To: H D Moore <sflist@...italoffense.net>
Cc: bugtraq@...urityfocus.com
Subject: Re: Arkeia Network Backup Client Remote Access


On Sun, Feb 20, 2005 at 02:41:36PM -0600, H D Moore wrote:
> Anyone able to connect to TCP port 617 can gain read/write access to the 
> filesystem of any host running the Arkeia agent software. This appears to 
> be an intentional design decision on the part of the Arkeia developers. A 
> long-winded description of this issue, complete with screen shots, 
> demonstration code, and packet captures can found online at:
> 
>  - http://metasploit.com/research/arkeia_agent/

Note that, on the arkeia user list, somebody pointed out that clients
can be configured to disallow this from anybody but the server. But that's
not the default configuration, the default is "plug and play", that is, you
throw the software on the client and it works.

The relevant section is Appendix B of the user manual. It tells you how
to setup your client with the equivalent of tcp_wrapper security.

Even then, you still have a small vulnerability, in that anyone who
has access to the server system can still impersonate the arkeia software
to access the client. But you can't do that from any random machine.

-- 
Vincent ARCHER
varcher@...yall.com

Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Deny All - 5, rue Scribe - 75009 Paris - France
www.denyall.com



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ