[15572] in bugtraq
Multiple vulnerabilities in Sybergen Secure Desktop
daemon@ATHENA.MIT.EDU (anders.ingeborn@INFOSEC.SE)
Fri Jun 30 17:47:29 2000
Mime-Version: 1.0
Content-type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Message-ID: <4125690E.00524395.00@guardianit.se>
Date: Fri, 30 Jun 2000 15:58:31 +0100
Reply-To: anders.ingeborn@INFOSEC.SE
From: anders.ingeborn@INFOSEC.SE
To: BUGTRAQ@SECURITYFOCUS.COM
Content-Transfer-Encoding: 8bit
Infosec Security Vulnerability Report
No: Infosec.20000625.sybergen.a
===============================
Vulnerability Summary
---------------------
Problem 1: Sybergen Secure Desktop does not protect
against false router advertisements.
Problem 2: Sybergen Secure Desktop dies when a user
clears the routing table from default
gateway entries.
Threat 1: An attacker can add false default gateway
entries to a Windows98 routing table,
even when protected by Sybergen Secure
Desktop.
Threat 2: An user can accidently kill the Sybergen
Secure Desktop personal firewall.
Platform: Sybergen Secure Desktop 2.1 build 455 on
Windows98
Solution: Currently there is no patch that corrects
this problem
Vulnerability Description
-------------------------
The first vulnerability is that Sybergen Secure Desktop does not protect against
false router advertisements, ICMP type 9. This means that an attacker can add
new default route entries to the victim's routing table (that in turn is a known
vulnerability for Windows98, see L0pht Security Advisory August 11, 1999). The
vulnerability is present even when Sybergen Secure Desktop is set to ultra-high
security level.
The second vulnerability occurs when the routing table is full of bogus entries
and the user clears it from default routes (ms-dos "route -f"). Then the
firewall completely and quietly dies. The user has to restart the computer to
make Sybergen Secure Desktop work again.
Additional Information
----------------------
Sybergen Technical Support was notified about these vulnerabilities
approximately one week ago. For more information about Sybergen, see
www.sybergen.com
Reported by: Anders Ingeborn, ingeborn@infosec.se
-------------------------------
Infosec is a Swedish based tiger team that has been working with information
security since 1982. Infosec has been doing network penetration tests and
technical audits of computer systems since 1996. Infosec is now hiring in Sweden
and the United Kingdom. Please contact Christer Stafferöd for more information.
Phone: +46-8-6621070 E-mail: stafferod@infosec.se
