Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Castelle Faxpress: Password used for NT Print queue can be discl osed in Plain Text

From: Leon Ward <leon.ward () added-dimension co uk>
Date: Tue, 5 Feb 2002 16:17:06 -0000 
Overview

    I have reported this to Castelle and they told me it is a feature for
troubleshooting, however they will make the change the next time they
release the Faxpress Software. I just thought that other admins should be
made aware so they can check their systems are secured correctly.

    Printing can be configured to use either a printer connected directly to
the parallel port of the fax server or to a Network print queue. When
configuring the system to use a Network print queue the following
information needs to be entered.

NT Host Name
Printer Shareable Name
IP Address
Login Name
Password

    If the login name is either entered incorrectly or changed by a user,
when a document is sent to the print queue an error event will be added to
the notices, This error divulges the following information.

Notice: Network Print Queuing Error For Job XXXX
Notice For: Faxpress Username
Queue: Printer name
Server: NTPrint Server
Login: Login, Password
Error At: Time
Error.

The Login credentials, including the password  are shown in Plain text.

    I assume that most Administrators with this Fax System out there that
use a single username for all Faxpress printing due to the hassle of
changing login information every time a users Password expires, I hope
nobody has just tapped in an Admin accounts details because they were
feeling lazy!

Workarounds: Make sure that Users are unable to make changes to their
mailbox settings.

To re-create the 'feature'
-Log into the Faxpress
-Select any printable item eg An Outgoing fax or a failed transmission
-Right click on the item and chose print -Click "Printer" -Click on "Queue"
-Note the username -Change the username eg from "John" to "John1" -Click OK
-Click OK -Click OK -Go to notices -Double click on the printing error

The username "John1" and his password are presented.
If anyone has problems re-creating this feel free to drop me a mail.

Best Regards

Nard

This opinion expressed is my own and is not of my company.

This E-mail and its attachments have been scanned for viruses before delivery.
We recommend that all attachments are also checked by recipients before being viewed.
For more information contact postmaster () added-dimension co uk
Previous By Date Next
Previous By Thread Next

Current thread: