[23801] in bugtraq
Re: Legato Vulnerable
daemon@ATHENA.MIT.EDU (Wolfgang Fischer)
Thu Jan 10 18:04:19 2002
Date: Thu, 10 Jan 2002 23:05:19 +0100
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v480)
Cc: bugtraq@securityfocus.com
To: "Venkatesh babu Sira" <vsira@hotmail.com>
From: Wolfgang Fischer <wf227@yahoo.de>
In-Reply-To: <F118tf2TyYETrcVkrew0001099d@hotmail.com>
Message-Id: <22B0E61F-0616-11D6-A481-003065D58516@yahoo.de>
Content-Transfer-Encoding: 7bit
This problem is fixed with the current version of NetWorker, 6.1.1.
NetWorker will also not change the permissions of an existing /nsr/logs
directory; you might change the permissions to 0700. Note that you should
not change the permissions of applogs, because db-modules might run
with non-root accounts.
Wolfgang
On Thursday, 10 January 2002, at 19:00, Venkatesh babu Sira wrote:
> Scenario is Legato NetWorker with one drive as NDMP to back up NetApp.
> When you start the group to back up NetApp using the NDMP drive, in
> /nsr/logs/daemon.log it writes all the info including username &
> passwd (clear text) for NetApp (usually it will be root).
> As anyone can read this file, he can mess up NetApp.
> I moved the /nsr dir & stopped & restarted NetWorker; it will recreate the /nsr
> dir with 755 perm.
> This is seriously vulnerable to NetApp.
> I masked a few variables from my log file.
> Solaris 7, NetWorker 6.1 & NetApp Data ONTAP 6.0.3.
>
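The permission change suggested in the reply above, as an added example that is not part of the original thread or of NetWorker: a POSIX shell audit that reports whether `logs` is reachable by non-owners and which files in it are world-readable, then sets `logs` to 0700 while leaving `applogs` untouched. The function names are hypothetical, and the layout (`logs/`, `applogs/`, `daemon.log` under one root such as `/nsr`) is assumed from the thread.

```shell
#!/bin/sh
# Added example: audit and tighten a NetWorker-style log directory.
# Function names are hypothetical; the root path is passed in by the caller.

# Print the group+other permission characters of a path, e.g. "r-xr-x".
group_other_bits() {
    ls -ld "$1" | cut -c5-10
}

# Return 0 if logs/ is owner-only. Otherwise print the directory and every
# world-readable file inside it (daemon.log is the one the thread names)
# and return 1. Returns 2 if there is no logs/ directory.
audit_nsr_logs() {
    root=$1
    [ -d "$root/logs" ] || { echo "no logs dir under $root" >&2; return 2; }
    if [ "$(group_other_bits "$root/logs")" = "------" ]; then
        return 0
    fi
    echo "EXPOSED dir: $root/logs ($(ls -ld "$root/logs" | cut -c1-10))"
    # -perm -0004 matches files whose "other" read bit is set.
    find "$root/logs" -type f -perm -0004 | while IFS= read -r f; do
        echo "WORLD-READABLE: $f"
    done
    return 1
}

# Apply the mitigation from the reply: logs/ becomes 0700.
# applogs/ is deliberately not touched, since modules may run as non-root.
harden_nsr_logs() {
    root=$1
    [ -d "$root/logs" ] || { echo "no logs dir under $root" >&2; return 2; }
    chmod 0700 "$root/logs"
}

# Stand-alone use: "sh script.sh /nsr" audits only and changes nothing.
if [ "$#" -ge 1 ]; then
    audit_nsr_logs "$1" || true
fi
```

Credentials already written to `daemon.log` while it was world-readable should be treated as disclosed regardless of the new directory mode.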