Home page logo
/

bugtraq logo Bugtraq mailing list archives

RE: BindView NetInventory NetRC hostcfg_ni password passed in cle ar text
From: "Blake, Scott" <SBlake () bindview com>
Date: Wed, 13 Feb 2002 17:04:06 -0600

In January, a bug in NETinventory was discovered when the product is used in
conjuction with NETrc. 

When using these two products, NETinventory writes a file named hostcfg._ni
that is stored on the machine, which contains the encrypted NETrc password.
A user can delete that file, then force a new audit from the netlogon
directory. When this occurs, NETinventory looks for that file, and if it is
not present, rewrites the file. During the rewrite, the file is stored as
hostcfg.ini until the audit is completed, which means that the password is
in clear text until the audit is completed. Although this process takes only
a matter of seconds, requires physical access to the machine, and will only
provide access to the NETrc proxy, it is a security flaw that BindView is
aware of and addressing at this moment.

A fix has been available since January 30th for this issue at:
ftp://ftp.bindview.com/Products/NETrc/NETinventory_NETrc_HotFix.zip.

-----
Scott Blake
VP, Information Security
BindView Corporation


  By Date           By Thread  

Current thread:
  • RE: BindView NetInventory NetRC hostcfg_ni password passed in cle ar text Blake, Scott (Feb 14)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]