OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Chris McNab (chris.mcnab_at_trustmatta.com)
Date: Tue Jan 07 2003 - 18:54:42 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Hey,

    I was performing a pentest recently for a client, and found what seems to be
    a user enumeration bug within Nokia IPSO (unknown as to which version and
    patchlevel) running Checkpoint FW-1:

    pipex-gw>telnet xxx.xxx.xxx.xxx
    Trying xxx.xxx.xxx.xxx ... Open
       IPSO (checkpointcharlie) (ttyp0)
    login: root
    Password:
    Login incorrect
    login: blah
    Password:
    Login incorrect
    login: fw1adm
    Password:
    Password:
    Login incorrect
    login: fw1adm
    Password:
    Password:
    Login incorrect
    Login timed out after 300 seconds
    [Connection to xxx.xxx.xxx.xxx closed by foreign host]
    pipex-gw>

    Obviously the fw1adm user exists, being the standard account under FW-1..
    but I was wondering if anyone had seen this before, or even if this issue
    had been addressed by Nokia?

    Thanks,

    Chris

    Chris McNab
    Technical Director

    Matta Security Limited
    18 Noel Street
    London W1F 8GN

    Tel: 08700 77 11 00

    This e-mail was sent from Matta Security Limited. The information contained
    in this message is confidential, may be privileged, and is intended for the
    addressee(s) only. If you have received this message in error please notify
    the originator immediately. The unauthorised use, disclosure, copying or
    alteration of this message is strictly forbidden. Matta Security Limited
    does not warrant that any attachments are free from viruses or other
    defects. Matta Security Limited will not be liable for direct, special,
    indirect or consequential damages arising from alteration of the contents of
    this message by a third party or as a result of any virus being passed on.

    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:
    https://alerts.securityfocus.com/