
d-01.ciac-novel-access-rights

Posted Sep 23, 1999


SHA-256 | 1c5588dbf57ece5cc7f39c976dd0fd4e30ba092d744c97587e5104129bd9cfa9

_______________________________________________________
The Computer Incident Advisory Capability
CIAC
_______________________________________________________
Information Bulletin

Novell NetWare Access Rights Vulnerability

OCT 14, 1992 0900 PDT Number D-01
________________________________________________________________________
PROBLEM:  A vulnerability has been discovered which may allow any Novell
          NetWare user to obtain unauthorized privileges.
PLATFORM: PC/MS-DOS with Novell NetWare 3.x, 2.x, and NetWare for UNIX.
DAMAGE:   Compromise of server integrity.
SOLUTION: Obtain and apply software enhancements available from Novell;
          prudent NetWare administration.
________________________________________________________________________
Critical Facts about the Novell NetWare Access Rights Vulnerability

CIAC has learned of a network security threat that allows any Novell
user, equipped with a special program, to gain the access rights
assignable by any other user currently attached to the server. This
vulnerability affects NetWare 3.x, NetWare 2.x, and NetWare for Unix.

CIAC recommends that you obtain the Phase I security enhancements as
soon as they are available. They are scheduled to be released by
Novell by the end of October. NetWare 3.x and 2.x customers will be
able to obtain the enhancements via anonymous ftp from
ftp.IS.Sandy.Novell.COM (137.65.12.2) as well as via NetWire
(CompuServe) and NetWare Express (GE Information Services). NetWare
for Unix customers should contact the NetWare for Unix partner who
provided them the software. Help is available from the Novell
customer information line 1-800-NETWARE.

As a general precaution, and as an interim measure until the Phase I
patches are released, Novell recommends the following security
practices:

* Use the NetWare utility "SECURITY" to detect insecure access
points to the server.

* Require passwords on all accounts.

* Force periodic password changes.

* Require unique passwords.

* Limit access rights and security equivalences.

* Limit concurrent connections.

* Enforce login time restrictions.

* Enforce login station restrictions.

* Enable intruder detection.

* Secure unattended workstations to avoid unauthorized use.

In addition, CIAC recommends that you minimize or eliminate supervisor
activity concurrent with non-privileged connections until Phase I is
available; and further recommends that you activate all applicable
NetWare security features and install the most recent versions of
system software, client software, and other patches.

Novell informs us that to their knowledge programs to exploit this
vulnerability have not yet been found outside laboratories; and the
technique used to create the security threat, known as packet spoofing
or packet forging, is inherent to all client server architectures that
have not taken specific protective actions. CIAC believes that
because of the increasing publicity of this technique, the
vulnerability could soon be exploited by the hacker/cracker community.
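
Added example, not part of the CIAC bulletin and not Novell's Phase I code: a toy server showing why a request identified only by a connection number is accepted from any sender, and how a per-session authentication tag on each request rejects it. The packet layout, the Server class, the account name and the HMAC-SHA256 tag are assumptions chosen for illustration; they are not the NetWare Core Protocol or Novell's fix.

```python
import hashlib
import hmac
import os
import struct

# Constructed toy request layout (NOT the NetWare Core Protocol):
#   conn_id (2 bytes) | seq (4 bytes) | payload | 32-byte tag when signed

class Server:
    def __init__(self, require_tag):
        self.require_tag = require_tag
        self.sessions = {}  # conn_id -> {"user", "key", "seq"}

    def login(self, conn_id, user):
        key = os.urandom(32)  # per-session secret known only to that client
        self.sessions[conn_id] = {"user": user, "key": key, "seq": 0}
        return key

    def handle(self, packet):
        """Return the user the request runs as, or None if it is rejected."""
        body, tag = (packet[:-32], packet[-32:]) if self.require_tag else (packet, b"")
        if len(body) < 6:
            return None
        conn_id, seq = struct.unpack(">HI", body[:6])
        session = self.sessions.get(conn_id)
        if session is None:
            return None
        if self.require_tag:
            expected = hmac.new(session["key"], body, hashlib.sha256).digest()
            if not hmac.compare_digest(tag, expected):
                return None  # sender does not hold this connection's key
            if seq <= session["seq"]:
                return None  # replayed or stale request
            session["seq"] = seq
        return session["user"]  # unsigned mode trusts the conn_id field alone

def make_request(conn_id, seq, payload, key=None):
    body = struct.pack(">HI", conn_id, seq) + payload
    return body + (hmac.new(key, body, hashlib.sha256).digest() if key else b"")

def demo():
    results = {}
    for signed in (False, True):
        srv = Server(require_tag=signed)
        sup_key = srv.login(1, "SUPERVISOR")  # constructed sample account
        # Labelled as connection 1, but built without connection 1's key.
        forged = make_request(1, 1, b"req", os.urandom(32) if signed else None)
        genuine = make_request(1, 1, b"req", sup_key if signed else None)
        results[signed] = (srv.handle(forged), srv.handle(genuine))
    return results
```

In unsigned mode both requests run as the account attached to connection 1; with tags required, only the request built with that connection's key is accepted.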

CIAC would like to thank Novell for providing the security practices,
access information, and general support for our efforts concerning
this issue. We would also like to acknowledge the efforts of SURFnet
Computer Emergency Response Team CERT-NL for alerting us to this
situation.

For additional information or assistance, please contact CIAC at
(510) 422-8193 / FTS or send e-mail to ciac@llnl.gov. FAX messages
to: (510) 423-8002 / FTS.

PLEASE NOTE: Many users outside of the DOE and ESnet computing
communities receive CIAC bulletins. If you are not part of these
communities, please contact your agency's response team to report
incidents. Some of the other teams include the NASA NSI response
team, DARPA's CERT/CC, NAVCIRT, and the Air Force response team. Your
agency's team will coordinate with CIAC.

This document was prepared as an account of work sponsored by an
agency of the United States Government. Neither the United States
Government nor the University of California nor any of their
employees, makes any warranty, expressed or implied, or assumes any
legal liability or responsibility for the accuracy, completeness, or
usefulness of any information, product, or process disclosed, or
represents that its use would not infringe privately owned rights.
Reference herein to any specific commercial products, process, or
service by trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation, or
favoring by the United States Government or the University of
California. The views and opinions of authors expressed herein do not
necessarily state or reflect those of the United States Government nor
the University of California, and shall not be used for advertising or
product endorsement purposes.

