exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Tembria Server Monitor Weak Cryptographic Password Storage

Tembria Server Monitor Weak Cryptographic Password Storage
Posted Feb 15, 2011
Authored by Rob Kraus | Site solutionary.com

A vulnerability exists in the Tembria Server Monitor application allowing an attacker to easily decrypt usernames and passwords used to authenticate to the application. This is a second level attack that requires access to the password files stored within the application directory.

tags | advisory
SHA-256 | 163a065cfecd676df474c29e1bd95914935a34327f5d1ac24420581f6c99a5ae

Tembria Server Monitor Weak Cryptographic Password Storage

Change Mirror Download
Tembria Server Monitor Weak Cryptographic Password Storage Vulnerability

Solutionary ID: SERT-VDN-1004

Solutionary Disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Tembria-Server-Monitor-Weak-Xpto-Pwd-Storage.html

CVE ID: Pending

Product: Tembria Server Monitor

Application Vendor: Tembria

Vendor URL: http://www.tembria.com/products/servermonitor/index.html
Date discovered: 1/22/2011

Discovered by: Rob Kraus and Solutionary Engineering Research Team (SERT)

Vendor notification date: 1/25/2011

Vendor response date: 1/25/2011

Vendor acknowledgment date: 1/25/2011

Public disclosure date: 2/14/2011

Type of vulnerability: Weak Cryptography - Design Flaw

Exploit Vectors: Local

Vulnerability Description: A vulnerability exists in the Tembria Server Monitor application allowing an attacker to easily decrypt usernames and passwords used to authenticate to the application. This is a second level attack that requires access to the password files stored within the application directory. The application implements a simple substitution cipher to obfuscate the values of plaintext usernames and passwords. Obfuscation of the usernames and passwords is achieved by encrypting them to represent numeric values that are three characters wide (i.e. e = 057). An attacker who has previously compromised the host operating system or achieved direct access to the authentication.dat file found in the "\Tembria\Server Monitor" directory can obtain the encrypted user credentials and decrypt them with little effort. Credentials using the same encryption can also be found in XML files located in the "\Tembria\Server Monitor\Exports" directory.

Tested on: Windows XP, SP3, with Tembria Server Monitor v6.0.4 - Build 2229 default installation.

Affected software versions: Tembria Server Monitor v6.0.4 - Build 2229 default installation

Impact: In cases where access to the previously mentioned files is obtained, an attacker can decrypt all username and password values and potentially reuse them for authentication to other systems within the network environment.

Fixed in: Tembria Server Monitor v6.0.5 - Build 2252

Remediation guidelines: The vendor has created a fix to address the discovered issues. Upgrade to Tembria Server Monitor v6.0.5 - Build 2252 or later.

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close