[23984] in bugtraq
BindView NetInventory NetRC hostcfg_ni password passed in clear t
daemon@ATHENA.MIT.EDU (Barker, Brent)
Fri Jan 25 09:05:47 2002
Message-ID: <818E55AF1FE8D411A0D5005004736EB20EED5D@express.viasat.com>
From: "Barker, Brent" <hostmaster@viasat.com>
To: "'bugtraq@securityfocus.com'" <bugtraq@securityfocus.com>
Date: Thu, 24 Jan 2002 13:53:39 -0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
A design flaw exist in BindView NetInventory and NetRC software that
allows users to view the password during auditing.
Discovered: Wednesday, January 09, 2002 4:54 PM
Steps to reproduce the flaw.
Local users can delete their HOSTCFG._NI file and then force an audit from
the netlogon directory. During the audit the HOSTCFG._NI is rewritten as
HOSTCFG.INI which is in clear text until the audit is complete.
Each machine on the network configured with that password can be accessed
remotely.
BindView returned our e-mails with the statement that it would be fixed in
the next release.
Brent Barker
ViaSat, Inc.
