[3809] in bugtraq
INW FTP server security hole
daemon@ATHENA.MIT.EDU (David Gersic)
Wed Dec 18 01:17:11 1996
Apparently-To: <bugtraq@netspace.org>
Date: Tue, 17 Dec 1996 23:35:00 -0600
Reply-To: David Gersic <dgersic@niu.edu>
From: David Gersic <dgersic@niu.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
Forwarded from elsewhere, and similar to the Web server hole from the
summer...
From: Peter Holt <peter@kd.miroi.se>
To: "Novell NetWare security discussion list" <NW-Hack@bebr.cba.ufl.edu>
Subject: INW Ftp hole
Date: Tue, 17 Dec 1996 13:07:32 +0100 (MET)
Errors-to: <ks@dau-48.anthro.ufl.edu>
Reply-to: NW-Hack@bebr.cba.ufl.edu
Sender: Maiser@bebr.cba.ufl.edu
X-listname: <NW-Hack@bebr.cba.ufl.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Mailer: Mercury MTS v1.21
Message-ID: <158B4A6099@bebr.cba.ufl.edu>
X-PMFLAGS: 37224576
In IntranetWare there is a hole in the security in the FTP part.
If you install the FTP then the server will give [public] RF rights in
SYS:ETC !!!!!!! Novell stores a lot of things in ETC, for example if you
use INETCFG to configure remoteconsole (almost everyone does) then the
password is stored there, along with all configuration of NICs,
protocols and filters.
And to be sure you don't remove the rights, they are assigned every 24
hours!!!
If you want logging of all FTP sessions then [public] is given full
rights to the logfile!!!!!
I have posted this on cne-net but no one seems to care, or they don't see
this as a problem. I think there is a problem, as nowhere in the manual
does it say anything about this.
Peter Holt CNE-4
mail: MiROi Utbildning phone: +46 54 18 18 50
Bergendorffsgatan 5 fax: +46 54 18 05 86
S-652 24 KARLSTAD e-mail: peter@kd.miroi.se
SWEDEN
======================================================================
The packet goes out the card, into the copper, out the router,
onto the fiber, across the world, thru the copper............
NOTHING BUT NET.
David Gersic dgersic@niu.edu
Systems Programmer Northern Illinois University