lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: sadair at vt.edu (Steven Adair)
Subject: Windows DoS in certain pGina configurations

Date:                    October 22, 2004
Product/Service:   pGina 1.7.6 and probably older version
Issue:                    Windows DoS in certain pGina configurations
URL:                    http://pgina.xpasystems.com/
Advisory URL:     http://www.lovebug.org/pgina_dos.txt

Service Overview:

pGina is a program that will work in place of Microsoft's GINA (msgina.dll).
It's a great tool that works in conjunction with various plugins to allow
different methods of user authentication.  For example, instead of just
using standard local user authentication or domains AD, it can be compared
agains a POP3 server, MySQL database, LDAP, Slashdot user accounts, and many
more.  It is open source and readily available for free for anyone to use
and implement.

Issue:

A small problem can exist when the administrator does not disable the
"Restart" or "Shutdown" option from the login screen.  The problem exists
when the machine is running Remote Desktop.  If an attacker connects to the
a target machine, the attacker can simply reboot or shutdown the machine at
the click of a button.  The choices to restart or shutdown are available to
a user when connecting via Remote Desktop and an attacker can use this as a
way to deny service.

Solutions:

The administrator simply needs to configure the machine to have the shutdown
and restart options disabled.  This is very easily done and accessible
through the pGina configuration executable.


Vendor Response:

There is no need to get a response from the vendor as this issue can be
taken care of through proper administration.  People just need to be awar
that this problem can and does exist.

---------------------------

Questions/Comments/Other?  Drop me a line.  Go Hokies! :D


-Steven
steven@...ebug.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ