Home page logo
/

pen-test logo Penetration Testing mailing list archives

MIT Magic cookie vulnerability automated checking?
From: "Graham, Randy (RAW) " <RAW () y12 doe gov>
Date: Wed, 31 Oct 2001 09:54:44 -0500

We've just gone through an audit here at work.  One of the results of the
audit is we are now required to expand out scanning scope (we use ISS for
our scanning).  Of course, because of this we are seeing a lot of potential
vulnerabilities without an easy way to see if we are actually vulnerable or
not.  The latest one we are dealing with is the X MIT-Magic-cookie problem
(CIAC published the information on this on November 20, 1995, so it is an
old one).  Any system using xauth for authentication shows this as a
potential vulnerability, and ISS says to check we have to look for various
patches by vendor, or certain releases of X.  Well, now management tells us
we have to go ahead and check every one of these systems.  CIAC says there
are tools for exploiting this, but I can't find one anywhere on
SecurityFocus, PacketStorm, or through google searches.  We have been told
to find a tool to actually check if a system is vulnerable or not (even
though we don't have permission to run the tool on our network yet...) and
run it against every machine on the network (you know, in case our scanner
missed one).

Is anyone familiar with such a tool?  I don't even care if it allows us to
actually exploit the system, but I have to show management something that we
can point at a system and get a yes/no to the question "Is this machine
vulnerable to the MIT-Magic-cookie vulnerability?"

Randy Graham
-- 
The Internet?  Bah!  Is that thing still around?  -- Homer Simpson

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]