[8666] in bugtraq
Re: Remote Tools w/Exceed v.6.0.1.0 fer 95
daemon@ATHENA.MIT.EDU (Robby Dunkerson)
Thu Dec 3 13:24:08 1998
Date: Thu, 3 Dec 1998 11:15:54 -0600
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Robby Dunkerson <Robby_Dunkerson@VERITASDGC.COM>
To: BUGTRAQ@NETSPACE.ORG
We had this same probem with the NT version. It does not occur with 6.1
for NT. I have not tested it with 95.
robby dunkerson
unix/nt systems administrator
veritas dgc.
"Sparks, Michael ME" <Sparks.Michael.ME@BHP.COM.AU> on 12/02/98 08:56:53 AM
Please respond to Bugtraq List <BUGTRAQ@NETSPACE.ORG>
To: BUGTRAQ@NETSPACE.ORG
cc: (bcc: Robby Dunkerson/HOU/HPC/VDGC)
Subject: Remote Tools w/Exceed v.6.0.1.0 fer 95
Hello All,
I was just looking through my root directory and noticed a file
called test.log. This file contains the machine name, username, and
password all in clear text for the machine that you are rexec'ing to.
Ex:
========================================================================
C:\WINDOWS\SYSTEM\HUMMBIRD\RSHCTRL.OCX - Wed Dec 02 08:47:11 1998
========================================================================
Socket Success: Family = 2, Type = 1, Protocol = 0, New Socket = 20
IoctlSocket Success: Socket = 20, Cmd = 8004667E, Arg = 1
Bind Success: Socket = 20, Addr = 0.0.0.0,631
Connect Error: Socket = 20, Addr = ??.??.??.??,512, Error = 10035
Send Success: Socket = 20, Flags = 0, Sent 1 of 1
00 .
Send Success: Socket = 20, Flags = 0, Sent 14 of 14
74 68 69 73 69 73 6D 79 6C 6F 67 69 6E 00 thisismylogin.
Send Success: Socket = 20, Flags = 0, Sent 17 of 17
74 68 69 73 69 73 6D 79 70 61 73 73 77 6F 72 64 thisismypassword
00 .
Send Success: Socket = 20, Flags = 0, Sent 3 of 3
6C 73 00 ls.
Recv Success: Socket = 20, Flags = 0, Len = 19
01 70 61 73 73 77 6F 72 64 20 74 6F 6F 20 6C 6F .password too lo
6E 67 0A ng.
Recv Success: Socket = 20, Flags = 0, Len = 0
Close Success: Socket = 20
========================================================================
I don't know if anyone uses rtools but if you do and user rexec just
beware.
I was able to disable this by echo "" > c:\test.log ; attrib +r
c:\test.log.
I apoligize if this is known and or not in the apropriate context
of
this list.
Michael Sparks
sparks.michael.me@bhp.com.au
Systems Administrator
"Tis most impossible to remove a misunderstanding." A.