[22291] in bugtraq
RE: Arkeia Possible remote root & information leakage
daemon@ATHENA.MIT.EDU (Neil Curri)
Fri Aug 17 11:36:24 2001
Message-ID: <361D0AC11FC34E4C9AE9A723506570135EF863@FC-EXCH>
From: Neil Curri <NCurri@gjusa.com>
To: bugtraq@securityfocus.com
Date: Fri, 17 Aug 2001 11:32:36 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
> Because the salt is known and because the max password length is 8
> characters it would not be beyond the realms of possibility to crack
> the password (effectively a root password)
>
It is only an arkeia "root" password. It's not even a real user with a
shell. Make sure your system root password is different from your arkeia
root password.
> once you have access through
> the gui, you have the possibility of running a command from the gui
> before and after the backup job. This command is run as root and can be
> anything.
>
I didn't realize this, but it makes sense. If you install the RPM as
the system root, arkeia processes will be run as root.
> Use an SSH tunnel (www.ssh.com www.openssh.com)
>
This article on arkeia's support site explains how to set up an ssh tunnel
through a firewall for arkeia:
http://support.arkeia.com/cgi-bin/arkeia/solution?11=000322-0014&130=0953783453&14=&2715=&15=&2716=&57=search&58=&2900=JP9cQm9m9p&25=7&3=ssh