Novell Netware Print Server Passwordless Account Vulnerability
BID:2446
Info
Novell Netware Print Server Passwordless Account Vulnerability
| Bugtraq ID: | 2446 |
| Class: | Configuration Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 08 2001 12:00AM |
| Updated: | Mar 08 2001 12:00AM |
| Credit: | This vulnerability was announced to Bugtraq by Chris Hughes <[email protected]> on March 8, 2001. |
| Vulnerable: |
Novell Netware 5.1 Novell Netware 5.0 Novell Netware 4.11 Novell Netware 4.1.1 Novell Netware 4.1 Novell Netware 3.1.2 Novell Netware 3.1 |
| Not Vulnerable: | |
Discussion
Novell Netware Print Server Passwordless Account Vulnerability
Netware is a Network Operating System distributed and maintained by Novell Incorporated. It is designed to offer a secure network environment with strict access control.
A problem in the default implementation of Netware could make it possible for an unauthorized user to gain access to network resources. In a default installation of Netware, a seperate user account is used for the print server. This user is normally given privileges over the printer container. However, a password is usually not set on this account, nor is it prompted for.
This problem makes it possible for a user to gain access to a Netware network with the account and privileges of the printer user.
Netware is a Network Operating System distributed and maintained by Novell Incorporated. It is designed to offer a secure network environment with strict access control.
A problem in the default implementation of Netware could make it possible for an unauthorized user to gain access to network resources. In a default installation of Netware, a seperate user account is used for the print server. This user is normally given privileges over the printer container. However, a password is usually not set on this account, nor is it prompted for.
This problem makes it possible for a user to gain access to a Netware network with the account and privileges of the printer user.
Solution / Fix
Novell Netware Print Server Passwordless Account Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Novell Netware Print Server Passwordless Account Vulnerability
References:
References: