[17473] in bugtraq
Re: Samba 2.0.7 SWAT vulnerabilities
daemon@ATHENA.MIT.EDU (Ryan Gray)
Thu Nov 2 14:17:47 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.30.0011011939120.13140-100000@catalyst.catalystsol.com>
Date: Wed, 1 Nov 2000 19:47:01 -0600
Reply-To: Ryan Gray <ryan@SNIPER.ORG>
From: Ryan Gray <ryan@SNIPER.ORG>
X-To: Richard Trott <trott@SLOWPOISONERS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.BSO.4.21.0010311450350.14568-100000@www>
CheckPoint Firewall-1 (at least up to version 4.0) has similar behavior.
Firewall-1 uses port 259 for client authentication.
If a valid username and invalid password is used:
User: validuser
FireWall-1 password: ******
Access denied by FireWall-1 authentication
User:
###################################
And if an invalid username is used:
User: invaliduser
User someuser not found
User:
###################################
I'm not sure about 4.1, but from the work that I've done with it, I'd
imagine that it behaves the same.
Regards,
Ryan Gray
Catalyst Solutions, Inc.
On Tue, 31 Oct 2000, Richard Trott wrote:
> I'm sure if everyone reported these problems to BugTraq, we could generate
> a very, very long list of products that have this same problem. I'd
> actually like to generate just such a list of products. Feel free to send
> example products (free, commercial, whatever) to me (and/or to Bugtraq;
> hey, it's moderated) and if I get enough, maybe I'll post a Web page.
>
> [CorporateTime for the Web also appears to do other
> not-so-security-conscious things like create a world writeable log
> directory (lexacal-private/log--and that private directory is created with
> world read and execute permissions, so it is not private at all).]
>
> Rich
>
