Bugtraq mailing list archives
Multiple vulnerabilities in Sybergen Secure Desktop
From: anders.ingeborn () INFOSEC SE (anders.ingeborn () INFOSEC SE)
Date: Fri, 30 Jun 2000 15:58:31 +0100
Infosec Security Vulnerability Report No: Infosec.20000625.sybergen.a =============================== Vulnerability Summary --------------------- Problem 1: Sybergen Secure Desktop does not protect against false router advertisements. Problem 2: Sybergen Secure Desktop dies when a user clears the routing table from default gateway entries. Threat 1: An attacker can add false default gateway entries to a Windows98 routing table, even when protected by Sybergen Secure Desktop. Threat 2: An user can accidently kill the Sybergen Secure Desktop personal firewall. Platform: Sybergen Secure Desktop 2.1 build 455 on Windows98 Solution: Currently there is no patch that corrects this problem Vulnerability Description ------------------------- The first vulnerability is that Sybergen Secure Desktop does not protect against false router advertisements, ICMP type 9. This means that an attacker can add new default route entries to the victim's routing table (that in turn is a known vulnerability for Windows98, see L0pht Security Advisory August 11, 1999). The vulnerability is present even when Sybergen Secure Desktop is set to ultra-high security level. The second vulnerability occurs when the routing table is full of bogus entries and the user clears it from default routes (ms-dos "route -f"). Then the firewall completely and quietly dies. The user has to restart the computer to make Sybergen Secure Desktop work again. Additional Information ---------------------- Sybergen Technical Support was notified about these vulnerabilities approximately one week ago. For more information about Sybergen, see www.sybergen.com Reported by: Anders Ingeborn, ingeborn () infosec se ------------------------------- Infosec is a Swedish based tiger team that has been working with information security since 1982. Infosec has been doing network penetration tests and technical audits of computer systems since 1996. Infosec is now hiring in Sweden and the United Kingdom. Please contact Christer Stafferöd for more information. Phone: +46-8-6621070 E-mail: stafferod () infosec se
Current thread:
- Re: WuFTPD: Providing *remote* root since at least1994, (continued)
- Re: WuFTPD: Providing *remote* root since at least1994 Theo de Raadt (Jun 27)
- Re: WuFTPD: Providing *remote* root since at least1994 Carson Gaspar (Jun 27)
- Re: WuFTPD: Providing *remote* root since at least1994 Casper Dik (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 Eric Hines (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 der Mouse (Jun 26)
- Re: WuFTPD: Providing *remote* root since at least1994 Henrik Nordstrom (Jun 27)
- Re: WuFTPD: Providing *remote* root since at least1994 Theo de Raadt (Jun 28)
- Re: WuFTPD: Providing *remote* root since at least1994 Valentin Nechayev (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 Kenn Humborg (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 Hudin Lucian (Jun 29)
- Multiple vulnerabilities in Sybergen Secure Desktop anders.ingeborn () INFOSEC SE (Jun 30)
- SecureXpert Advisory [SX-20000620-2] SecureXpert DIRECT Sender (Jun 30)
- Re: WuFTPD: Providing *remote* root since at least1994 Henrik Nordstrom (Jun 27)
- Update to Integrity Protection Driver Available IPD (Jun 29)
- Re: WuFTPD: Providing *remote* root since at least1994 Theo de Raadt (Jun 29)
- Buggy ARP handling in Windoze Paul Starzetz (Jun 29)
- Re: Buggy ARP handling in Windoze Jurjen Oskam (Jun 29)
- Re: Buggy ARP handling in Windoze Steven Alexander (Jun 29)