INW FTP server security hole

[dgersic () niu edu (David Gersic)]

Forwarded from elsewhere, and similar to the Web server hole from the
summer...


From: Peter Holt <peter () kd miroi se>
To: "Novell NetWare security discussion list" <NW-Hack () bebr cba ufl edu>
Subject: INW Ftp hole
Date: Tue, 17 Dec 1996 13:07:32 +0100 (MET)
Errors-to: <ks () dau-48 anthro ufl edu>
Reply-to: NW-Hack () bebr cba ufl edu
Sender: Maiser () bebr cba ufl edu
X-listname: <NW-Hack () bebr cba ufl edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Mailer: Mercury MTS v1.21
Message-ID: <158B4A6099 () bebr cba ufl edu>
X-PMFLAGS: 37224576

In InteraNetWare there is a hole in the security in the ftp part.
If you install the ftp then the server vill give [public] RF rights in
SYS:ETC !!!!!!! Novell stores a lot off things in ETC, for example if you
use INETCFG to configure remoteconsole (almost everyone does) then the
password is stored there, along whith all configuration off NICs,
protocols and filters.

And to bee shore you dont remove the rights they are assigned every 24
hour!!!

If you want logging of all FTP sessions then [public] is given full
rights to the logfile!!!!!

I have posted this on cne-net but no one seems to care, or dont see this
as a problem. I think there is a problem as there nowhare in the manual
says anything about this.

Peter Holt           CNE-4
mail: MiROi Utbildning      phone: +46 54 18 18 50
      Bergendorffsgatan 5     fax: +46 54 18 05 86
      S-652 24 KARLSTAD    e-mail: peter () kd miroi se
      SWEDEN



======================================================================

    The packet goes out the card, into the copper, out the router,
    onto the fiber, across the world, thru the copper............
    NOTHING BUT NET.

David Gersic                                           dgersic () niu edu
Systems Programmer                        Northern Illinois University