Bugtraq mailing list archives

e/pop vulnerability


From: chaos255 () HOTMAIL COM (chaos 255)
Date: Mon, 25 Oct 1999 16:31:27 PDT


Out of the box, the e/pop application has no security settings enabled.  Any
peer can take control of your desktop without warning.

The initial configuration notwithstanding, I sent an email to
support () wirered com about a vulnerability in the way the software exchanges
security codes over the network:

Software Affected
-----------------
WiredRed e/pop 2.0.3.125

Description
-----------
Security Codes configured in the e/pop Control Panel are sent in the
clear. Several security codes can be configured from the e/pop control
panel:

  Global: must be installed on each e/pop peer in order to
          communicate and is also used to restrict access to the
          control panel.

  Features: Send and Receive codes can be configured for each of the
          following features: Message, Chat, Admin, Remote, and
          AppShare.

Impact
------
Security codes can be easily snooped and used to communicate with and/or
take control of e/pop peers that have security codes configured.

Suggestion
----------
Send a message digest (e.g. MD5) of the security code instead of sending it
in the clear.

The following was the response I received:


Thank you for your suggestion, but physical security is not the
responsibility of e/pop, but the responsibility of your company.  If
someone has the ability to snoop your network with a packet sniffer, then
they have the ability to install password grabbing trojans on your PCs and
various other things.

That is why security classifications such as C2 do not extend to physical
premises security and control for software, and companies like Novell and
Microsoft who meet these requirements are still vulnerable in physical
security attacks, such as console access.

We appreciate your suggestions though and will take them into consideration
as MD5 and RC6 security is used internally within e/pop to encode codes.

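The Suggestion section of the report above, worked through as an added example that is not from the original post or from WiredRed: it models three ways a peer could prove knowledge of a configured security code (in the clear as reported, a static MD5 digest as suggested, and a nonce-based keyed response, which goes one step beyond the report because a static digest keeps the code off the wire but can still be reused), and tests each against a recording of one legitimate exchange. The security code value, the class and function names, and the scheme labels are constructed placeholders.

```python
import hashlib
import hmac
import secrets

# Constructed placeholder for the shared "Global" security code configured on
# each peer; not a value taken from the report.
SECURITY_CODE = "example-global-code"

class Responder:
    def __init__(self, code: str) -> None:
        self._code = code.encode()

    # Reported behaviour: the code itself crosses the wire and is compared.
    def check_clear(self, wire: bytes) -> bool:
        return hmac.compare_digest(wire, self._code)

    # The report's suggestion: compare MD5(code). The code stays off the wire,
    # but the expected value never changes, so a recorded message still passes.
    def check_static_digest(self, wire: bytes) -> bool:
        expected = hashlib.md5(self._code).hexdigest().encode()
        return hmac.compare_digest(wire, expected)

    # Keyed challenge-response: fresh nonce per attempt, initiator returns
    # HMAC-SHA256(code, nonce). A recording from an earlier nonce will not match.
    def challenge(self) -> bytes:
        return secrets.token_bytes(16)

    def check_keyed(self, nonce: bytes, wire: bytes) -> bool:
        expected = hmac.new(self._code, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(wire, expected)

def keyed_response(code: str, nonce: bytes) -> bytes:
    """What an honest initiator sends back for a given nonce."""
    return hmac.new(code.encode(), nonce, hashlib.sha256).digest()

def run_exchange(scheme: str):
    """Simulate one legitimate exchange; return (bytes a passive observer on the
    LAN would record, whether presenting those same bytes later is accepted)."""
    r = Responder(SECURITY_CODE)
    if scheme == "clear":
        wire = SECURITY_CODE.encode()
        return wire, r.check_clear(wire)
    if scheme == "static_digest":
        wire = hashlib.md5(SECURITY_CODE.encode()).hexdigest().encode()
        return wire, r.check_static_digest(wire)
    if scheme == "keyed_challenge":
        wire = keyed_response(SECURITY_CODE, r.challenge())  # first session
        return wire, r.check_keyed(r.challenge(), wire)      # later session
    raise ValueError(f"unknown scheme: {scheme}")
```

Only the keyed scheme rejects the replayed recording; the static digest hides the code but still lets a recorded message authenticate, which is the caveat to keep in mind when reading the report's suggestion.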

