From: Blake, Scott (SBlake bindview.com)
Date: Wed Feb 13 2002 - 17:04:06 CST
In January, a bug in NETinventory was discovered when the product is used in
conjunction with NETrc.
When using these two products, NETinventory writes a file named hostcfg._ni
that is stored on the machine, which contains the encrypted NETrc password.
A user can delete that file, then force a new audit from the netlogon
directory. When this occurs, NETinventory looks for that file, and if it is
not present, rewrites the file. During the rewrite, the file is stored as
hostcfg.ini until the audit is completed, which means that the password is
in clear text until the audit is completed. Although this process takes only
a matter of seconds, requires physical access to the machine, and will only
provide access to the NETrc proxy, it is a security flaw that BindView is
aware of and addressing at this moment.
A fix has been available since January 30th for this issue at:
ftp://ftp.bindview.com/Products/NETrc/NETinventory_NETrc_HotFix.zip.
-----
Scott Blake
VP, Information Security
BindView Corporation
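
The exposure window described in the advisory above, modelled as an added example (not code from BindView or from the original message): `rewrite_staged` keeps a clear-text `hostcfg.ini` on disk while the audit runs, and `rewrite_hardened` encrypts in memory and renames a ciphertext-only temporary file into place. The `password=` layout, the function names and `placeholder_encrypt` are assumptions; the product's real file format and encryption are not described on the page.

```python
import os
import tempfile

# Assumption: NOT real encryption, only a stand-in for the product's unknown routine.
def placeholder_encrypt(data: bytes) -> bytes:
    return bytes(b ^ 0x5A for b in data)

def files_exposing(directory, secret):
    """Return names of files in `directory` whose contents include `secret`."""
    hits = []
    for name in sorted(os.listdir(directory)):
        with open(os.path.join(directory, name), "rb") as fh:
            if secret in fh.read():
                hits.append(name)
    return hits

def rewrite_staged(directory, secret, encrypt, observe):
    """Pattern from the advisory: clear-text hostcfg.ini exists until the end."""
    staging = os.path.join(directory, "hostcfg.ini")
    with open(staging, "wb") as fh:
        fh.write(b"password=" + secret)
    observe()  # the audit runs here; the password is readable on disk
    with open(os.path.join(directory, "hostcfg._ni"), "wb") as fh:
        fh.write(encrypt(b"password=" + secret))
    os.remove(staging)

def rewrite_hardened(directory, secret, encrypt, observe):
    """Encrypt in memory, write ciphertext to a temp file, rename atomically."""
    blob = encrypt(b"password=" + secret)
    fd, tmp = tempfile.mkstemp(dir=directory, prefix="hostcfg.", suffix=".tmp")
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(blob)
            fh.flush()
            os.fsync(fh.fileno())
        observe()  # same point in the audit; only ciphertext is on disk
        os.replace(tmp, os.path.join(directory, "hostcfg._ni"))
    except BaseException:
        os.unlink(tmp)  # never leave a partial file behind
        raise

def exposure_during(rewrite, secret=b"constructed-sample-pw"):
    """Run one rewrite in a scratch directory; report files leaking the secret."""
    seen = []
    with tempfile.TemporaryDirectory() as d:
        rewrite(d, secret, placeholder_encrypt,
                lambda: seen.extend(files_exposing(d, secret)))
        leftover = files_exposing(d, secret)
    return seen, leftover
```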