[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability

NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability

CVSS Risk Rating: 4.6 (Medium)

Product: NetSaro Enterprise Messenger Server

Application Vendor: SEM Software

Vendor URL: http://www.netsaro.com/

Public disclosure date: 8/15/2011

Discovered by: Rob Kraus, Jose Hernandez, and Solutionary Engineering Research 
Team (SERT)

Solutionary ID: SERT-VDN-1011

Solutionary public disclosure URL: 
http://www.solutionary.com/index/SERT/Vuln-Disclosures/NetSaro-Enterprise-Messenger-Vuln-Password.html

Vulnerability Description: A vulnerability exists in the NetSaro Enterprise 
Messenger Server application allowing an attacker to obtain access to plaintext 
usernames and passwords. The stored passwords are used to authenticate users 
running the NetSaro Enterprise Client connecting to the server. This is a 
second level attack that requires access to the password files stored within 
the application root directory. An attacker who has previously compromised the 
host operating system or gained direct access to the NetSaro.fdb database file 
found in the "NetSaro Enterprise ServerDb" directory can obtain the user 
credentials using readily available tools. More information about this class of 
vulnerability can be obtained by visiting 
http://cwe.mitre.org/top25/index.html#CWE-311: Missing Encryption of Sensitive 
Data? CWE 311

Affected software versions: NetSaro Enterprise Messenger Server v2.0 (previous 
versions may also be vulnerable)

Impact: In cases where access to the NetSaro.fdb file is achieved an attacker 
can obtain username and password values and reuse them against other systems 
within the network or cause disruption of services.

Fixed in: None Available

Remediation guidelines: Limit access to this hosts running the software and 
apply security patches as they become available.