Compaq Management Agents for Netware Plaintext Password Vulnerability
BID:1917
Info
Compaq Management Agents for Netware Plaintext Password Vulnerability
| Bugtraq ID: | 1917 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Nov 06 2000 12:00AM |
| Updated: | Nov 06 2000 12:00AM |
| Credit: | Posted to Bugtraq on November 7, 2000 by Ian Vitek <[email protected]>. |
| Vulnerable: |
Compaq Management Agents for Netware 2.28 |
| Not Vulnerable: | |
Discussion
Compaq Management Agents for Netware Plaintext Password Vulnerability
The default installation of Compaq Management Agents allow anonymous access via port 2301 over HTTP to the files \SYSTEM\AUTOEXEC.NCF and \ETC\NETINFO.CFG. These files may contain the remote console password in addition to others such as the SNMP ControlCommunity password. The passwords are stored in plaintext and can be obtained by connecting to:
http://target:2301/survey
Successful retrieval of the passwords may allow a malicious user to gain full administrative control over the Management Agents.
The default installation of Compaq Management Agents allow anonymous access via port 2301 over HTTP to the files \SYSTEM\AUTOEXEC.NCF and \ETC\NETINFO.CFG. These files may contain the remote console password in addition to others such as the SNMP ControlCommunity password. The passwords are stored in plaintext and can be obtained by connecting to:
http://target:2301/survey
Successful retrieval of the passwords may allow a malicious user to gain full administrative control over the Management Agents.
Exploit / POC
Compaq Management Agents for Netware Plaintext Password Vulnerability
See discussion.
See discussion.
Solution / Fix
Compaq Management Agents for Netware Plaintext Password Vulnerability
Solution:
Currently the SecurityFocus staff are not ware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not ware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
Compaq Management Agents for Netware Plaintext Password Vulnerability
References:
References: