Tiny WinRoute Pro Authentication Vulnerability
BID:2163
Info
Tiny WinRoute Pro Authentication Vulnerability
| Bugtraq ID: | 2163 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Dec 30 2000 12:00AM |
| Updated: | Dec 30 2000 12:00AM |
| Credit: | Discovered and posted to Bugtraq on Dec 30, 2000 by Peter Miller <[email protected]>. |
| Vulnerable: |
Tiny WinRoute 4.1 |
| Not Vulnerable: | |
Discussion
Tiny WinRoute Pro Authentication Vulnerability
Tiny WinRoute Pro is a firewall and internet router which enables networked machines to access the internet through a single connection. WinRoute has various features inculding a mail server which is compatible with most common internet protocols.
By default, an option called "Use Windows NT logon authentication" is set to "on". This option allows users to retrieve email from the WinRoute POP server using credentials from an NT domain. Unfortunately, all authentication information is recieved by the POP server in cleartext.
It is possible for an attacker eavesdropping on network traffic between a user and a POP server to retrieve the POP username and password. Because WinRoute allows NT Domain authentication information to be used, the security of a Windows Network can be compromised if the cleartext POP traffic is intercepted.
An attacker could use sniffed Windows domain usernames and passwords to access a Windows network and launch further attacks.
Tiny WinRoute Pro is a firewall and internet router which enables networked machines to access the internet through a single connection. WinRoute has various features inculding a mail server which is compatible with most common internet protocols.
By default, an option called "Use Windows NT logon authentication" is set to "on". This option allows users to retrieve email from the WinRoute POP server using credentials from an NT domain. Unfortunately, all authentication information is recieved by the POP server in cleartext.
It is possible for an attacker eavesdropping on network traffic between a user and a POP server to retrieve the POP username and password. Because WinRoute allows NT Domain authentication information to be used, the security of a Windows Network can be compromised if the cleartext POP traffic is intercepted.
An attacker could use sniffed Windows domain usernames and passwords to access a Windows network and launch further attacks.
Exploit / POC
Tiny WinRoute Pro Authentication Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Tiny WinRoute Pro Authentication Vulnerability
Solution:
This vulnerability will be addressed in the release of WinRoute Pro 5.0. Expected Release date is June 2001.
Solution:
This vulnerability will be addressed in the release of WinRoute Pro 5.0. Expected Release date is June 2001.
References
Tiny WinRoute Pro Authentication Vulnerability
References:
References:
- WinRoute Product Home Page (Tiny Software)