[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability
From: robkraus@xxxxxxxxxxxxxx
Date: Mon, 15 Aug 2011 15:46:04 GMT

NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic 
Password Storage Vulnerability

CVSS Risk Rating: 4.6 (Medium)

Product: NetSaro Enterprise Messenger Server

Application Vendor: SEM Software

Vendor URL: http://www.netsaro.com/

Public disclosure date: 8/15/2011

Discovered by: Jose Hernandez, Rob Kraus, and Solutionary Engineering Research 
Team (SERT)

Solutionary ID: SERT-VDN-1010

Solutionary public disclosure URL: 
http://www.solutionary.com/index/SERT/Vuln-Disclosures/NetSaro-Enterprise-Messenger-Vulnerability.html

Vulnerability Description: A vulnerability exists in the NetSaro Enterprise 
Messenger Server application allowing an attacker to easily decrypt passwords 
used to authenticate to the application. The application implements Base64 
encoding to obfuscate the values of plaintext passwords used for logging into 
the server administration console. This is a second level attack that requires 
access to the password files stored within the application root directory. An 
attacker who has previously compromised the host operating system or achieved 
direct access to the configuration.xml file found in the "NetSaro Enterprise 
Server" directory can obtain the encoded user credentials and decrypt them 
using readily available Base64 decoding tools. More information about this 
class of vulnerability can be obtained by visiting 
http://cwe.mitre.org/top25/index.html#CWE-327 : Use of a Broken or Risky 
Cryptographic Algorithm ? CWE 327

Affected software versions: NetSaro Enterprise Messenger Server v2.0 (previous 
versions may also be vulnerable)

Impact: In cases where access to the configuration.xml file is obtained, an 
attacker can decrypt all username and password values and reuse them against 
other systems within the network.

Fixed in: None Available

Remediation guidelines: Limit access to this hosts running the software and 
apply security patches as they become available.

Prev by Date: The LAD Melbourne Cms Sql Injection Vulnerability
Next by Date: NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability
Previous by thread: The LAD Melbourne Cms Sql Injection Vulnerability
Next by thread: NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability
Index(es):
- Date
- Thread