what you don't know can hurt you

Tomedo Server 1.7.3 Information Disclosure / Weak Cryptography

Tomedo Server 1.7.3 Information Disclosure / Weak Cryptography
Posted Oct 16, 2019
Authored by Chris Hein

Tomedo Server version 1.7.3 suffers from using weak cryptography for passwords and cleartext transmission of sensitive information vulnerabilities.

tags | exploit, vulnerability, info disclosure
advisories | CVE-2019-17393
MD5 | 07f8e3571fab4054ca321d2f70a6bd2c

Tomedo Server 1.7.3 Information Disclosure / Weak Cryptography

Change Mirror Download
Affected software: Tomedo Server 1.7.3
Vulnerability type: Cleartext Transmission of Sensitive Information & Weak Cryptography for Passwords
Vulnerable version: Tomedo Server 1.7.3
Vulnerable component: Customer Tomedo Server that communicates with Vendor Tomedo Update Server
Vendor report confidence: Confirmed
Fixed version: Version later then 1.7.3
Vendor notification: 20/09/19
Solution date: 25/09/19
CVE reference: CVE-2019-17393
CVSS Score: 3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Credits: Chris Hein, ProSec GmbH
Communication Timeline:
20th September 2019 Initial contact - no response
25th September second contact attempt
28th September Vendor responded and released an update
14th October fulldisclosure

Vulnerability Details:
The Customer’s Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP (in cleartext) that can be sniffed by unauthorized actors.
Basic authentication is used for the authentication what’s makes it possible to base64 decode the sniffed credentials and get hold of the username and password.

Proof of concept:
Capture the traffic between the Tomedo servers via a proxy or a MITM attack and base64 decode the credentials from the HTTP GET request.
Login or Register to add favorites

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    9 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close