[24816] in bugtraq

home help back first fref pref prev next nref lref last post

RE: NMRC Advisory: RealSecure KeyManager Issue - Further Explanation

daemon@ATHENA.MIT.EDU (Marc Maiffret)
Mon Mar 25 10:09:33 2002

From: "Marc Maiffret" <marc@eeye.com>
To: "hellNbak" <hellnbak@nmrc.org>, <bugtraq@securityfocus.com>
Cc: <focus-ids@securityfocus.com>
Date: Fri, 22 Mar 2002 17:44:47 -0800
Message-ID: <MKEAIJIPCGAHEFEJGDOCAELIELAA.marc@eeye.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="US-ASCII"
Content-Transfer-Encoding: 7bit
In-Reply-To: <Fuck.666.6.66.0203221730270.10851-100000@www.nmrc.org>

Also if people wouldn't mind including the build information as ISS states:

Vulnerable:
RealSecure for Nokia 6.0 Build 6.0.2001.141 ONLY
Fix Version:
RealSecure for Nokia 6.0 Build 6.0.2001.141d

That way there is less confusion etc...

Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities 

| -----Original Message-----
| From: hellNbak [mailto:hellnbak@nmrc.org]
| Sent: Friday, March 22, 2002 2:56 PM
| To: bugtraq@securityfocus.com
| Cc: focus-ids@securityfocus.com
| Subject: RE: NMRC Advisory: RealSecure KeyManager Issue - Further
| Explanation
| 
| 
| In attempt to perhaps get others who have access to Nokia Hardware to
| confirm this issue, here are the steps required to replicate my finding.
| 
| 1.)	Install RealSecure IPSO using the Nokia Voyager web tool.
| 2.)	Install REalSecure Console to NT Box
| 3.)	Connect and configure Console as key manager
| 4.)	Install another box as the REalSecure console and name this box
| Starscream and create a username skank.
| 5.)	Login as skank launch the console and attempt to connect to the
| Nokia box.
| 
| >From here you should be able to connect to the Nokia box as
| starscream_skank is already a keymanager.
| 
| If anyone can re-confirm what I have already tested a couple times that
| would be great.
| 
| -- 
| -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
| 
| "I don't intend to offend, I offend with my intent"
| 
| hellNbak@nmrc.org
| http://www.nmrc.org/~hellnbak
| 
| -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
| 
|
home help back first fref pref prev next nref lref last post