[3607] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

cleartext passwords in Remedy processes' cores

daemon@ATHENA.MIT.EDU (Peter A. Grina)
Fri Nov 15 14:43:41 1996

Date: 	Wed, 13 Nov 1996 14:04:20 -0500
Reply-To: "Peter A. Grina" <grina@grina.com>
From: "Peter A. Grina" <grina@grina.com>
X-To:         bugtraq@crimelab.com
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>

Remedy makes an elaborate and very popular trouble ticket program that has
been installed in lots of sites (Wall Street firms included.)

The security hole in Remedy's product is that a core dump of either the user
processes (i.e. aruser, notifier) shows the user's password in clear text.

The other security hole exists on the Remedy server... core dumps of either
of these two daemons:

                                arserverd
                                ntserverd
... reveals the same things.  The nsserverd core dump is especially nasty
since it puts the username and (cleartext) password on the same line.

-Pete Grina (grina@grina.com)

p.s.  This was called in to Remedy.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3607] in bugtraq

cleartext passwords in Remedy processes' cores

daemon@ATHENA.MIT.EDU (Peter A. Grina)Fri Nov 15 14:43:41 1996

daemon@ATHENA.MIT.EDU (Peter A. Grina)
Fri Nov 15 14:43:41 1996