lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <201108151546.p7FFk4fk007728@sf01web2.securityfocus.com>
Date: Mon, 15 Aug 2011 15:46:04 GMT
From: robkraus@...tionary.com
To: bugtraq@...urityfocus.com
Subject: NetSaro Enterprise Messenger Server Administration Console Weak
 Cryptographic Password Storage Vulnerability

NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability

CVSS Risk Rating: 4.6 (Medium)

Product: NetSaro Enterprise Messenger Server

Application Vendor: SEM Software

Vendor URL: http://www.netsaro.com/

Public disclosure date: 8/15/2011

Discovered by: Jose Hernandez, Rob Kraus, and Solutionary Engineering Research Team (SERT)

Solutionary ID: SERT-VDN-1010

Solutionary public disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/NetSaro-Enterprise-Messenger-Vulnerability.html

Vulnerability Description: A vulnerability exists in the NetSaro Enterprise Messenger Server application allowing an attacker to easily decrypt passwords used to authenticate to the application. The application implements Base64 encoding to obfuscate the values of plaintext passwords used for logging into the server administration console. This is a second level attack that requires access to the password files stored within the application root directory. An attacker who has previously compromised the host operating system or achieved direct access to the configuration.xml file found in the "NetSaro Enterprise Server" directory can obtain the encoded user credentials and decrypt them using readily available Base64 decoding tools. More information about this class of vulnerability can be obtained by visiting http://cwe.mitre.org/top25/index.html#CWE-327 : Use of a Broken or Risky Cryptographic Algorithm – CWE 327

Affected software versions: NetSaro Enterprise Messenger Server v2.0 (previous versions may also be vulnerable)

Impact: In cases where access to the configuration.xml file is obtained, an attacker can decrypt all username and password values and reuse them against other systems within the network.

Fixed in: None Available

Remediation guidelines: Limit access to this hosts running the software and apply security patches as they become available.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ