Bugtraq mailing list archives
Tumbleweed Worldsecure (MMS) BLANK 'sa' account password vulnerability
From: NT HATER <__nt__ () ANONYMOUS TO>
Date: Thu, 10 Aug 2000 09:36:36 -0700
I've recently discovered the following vulnerability: Product: Tumbleweed Messaging Management System (MMS) (Formerly Worldtalk Worldsecure) http://www.tumbleweed.com/solutions/products/mms_products Version: 4.3 - 4.5 (all builds) Description: Product uses Microsoft's MSDE (Database engine) which is a stripped down version of the Microsoft SQL server 7.0. During the setup stage, I was never asked for the 'sa' account password, which led me to think that application is either generating a random password every time it installs or the password is the same for all installations. Well, after thurther research I discovered that the password is left BLANK !!! This is a huge remotely exploitable vulnerability. After I remotely connected to the database (with 'sa' account and NO PASSWORD) I was able to delete the databases (denial of service, product becomes unusable) and modify the data (customer certificates, configuration of the product, logs, etc.). Tumbeweed refuses to acknowledge this vulnerability, which caused major outrage among my customers. Therefore, I have no choice but to go public about this vulnerability. Please feel free to contact me with ANY questions regarding this issue, although I would like to remain anonymous. Thank you very much. ------------------------------------------------------------ Hey you! Claim your FREE anonymous email account: Click Here -> http://www.anonymous.to
Current thread:
- Tumbleweed Worldsecure (MMS) BLANK 'sa' account password vulnerability NT HATER (Aug 10)
- Re: Tumbleweed Worldsecure (MMS) BLANK 'sa' account password vulnerability A. Trent Foley (Aug 11)
- Re: Tumbleweed Worldsecure (MMS) BLANK 'sa' account passwordvulnerability Mark Tinberg (Aug 15)
- Re: Tumbleweed Worldsecure (MMS) BLANK 'sa' account password vulnerability A. Trent Foley (Aug 11)