Bugtraq mailing list archives
Released Patch: Tumbleweed Worldsecure (MMS) BLANK 'sa' account p asswordvuln erability [virus checked]
From: Ingo Wupper <ingo.wupper () VANCO DE>
Date: Wed, 16 Aug 2000 14:17:13 +0200
Tumbleweed has released a patch for the above problem. Pls find the URL in the eMail below: Regards Vanco Euronet GmbH - the human network - Ingo Wupper (Leiter Geschäftsbereich eSecurity) Tel: +49 6102 785-601 Fax: +49 6102 785-556 The information contained in this eMail is confidential. It is intended solely for the addressee. Access to this eMail by anyone else is unauthorized. If you are not the intended recipient, any form of disclosure, reproduction, distribution or any action taken or refrained from in reliance on it is prohibited and may be unlawful. Please notify the sender immediatly. All statements of opinion or advice directed via this eMail to our clients are subject to the terms and conditions expressed in the governing VANCO AGB's. The content of this eMail is not legally binding unless confirmed by letter. -----Ursprüngliche Nachricht----- Von: klaus.stracker () tumbleweed com [mailto:klaus.stracker () tumbleweed com] Gesendet: Mittwoch, 16. August 2000 14:24 An: ingo.wupper () vanco de Cc: kurt.dawidowitsch () tumbleweed com Betreff: Tumbleweed Worldsecure (MMS) BLANK 'sa' account passwordvuln erability [virus checked] Hallo Herr Wupper, Bezueglich Ihrer Mitteilung wurde am letzten Freitag ein Security Patch freigegeben. http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm <http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm> Ich hoffe Ihnen hiermit geholfen zu haben. Freundliche Gruesse Klaus Stracker Tumbleweed Communications -----Original Message----- From: Ingo Wupper [mailto:ingo.wupper () vanco de] Sent: 11 August 2000 07:44 To: Pat Boswell-Saul Subject: WG: Tumbleweed Worldsecure (MMS) BLANK 'sa' account passwordvuln erability [virus checked] Could you pls clarify the comment of Tumbleweed denying this vuln. with you technical staff ? Thx. Best Regards, Vanco Euronet GmbH - the human network - Ingo Wupper (Leiter Geschäftsbereich eSecurity) Tel: +49 6102 785-601 Fax: +49 6102 785-556 The information contained in this eMail is confidential. It is intended solely for the addressee. Access to this eMail by anyone else is unauthorized. If you are not the intended recipient, any form of disclosure, reproduction, distribution or any action taken or refrained from in reliance on it is prohibited and may be unlawful. Please notify the sender immediatly. All statements of opinion or advice directed via this eMail to our clients are subject to the terms and conditions expressed in the governing VANCO AGB's. The content of this eMail is not legally binding unless confirmed by letter. -----Ursprüngliche Nachricht----- Von: NT HATER [ mailto:__nt__ () ANONYMOUS TO <mailto:__nt__ () ANONYMOUS TO> ] Gesendet: Donnerstag, 10. August 2000 18:37 An: BUGTRAQ () SECURITYFOCUS COM Betreff: Tumbleweed Worldsecure (MMS) BLANK 'sa' account password vulnerability [virus checked] I've recently discovered the following vulnerability: Product: Tumbleweed Messaging Management System (MMS) (Formerly Worldtalk Worldsecure) http://www.tumbleweed.com/solutions/products/mms_products <http://www.tumbleweed.com/solutions/products/mms_products> Version: 4.3 - 4.5 (all builds) Description: Product uses Microsoft's MSDE (Database engine) which is a stripped down version of the Microsoft SQL server 7.0. During the setup stage, I was never asked for the 'sa' account password, which led me to think that application is either generating a random password every time it installs or the password is the same for all installations. Well, after thurther research I discovered that the password is left BLANK !!! This is a huge remotely exploitable vulnerability. After I remotely connected to the database (with 'sa' account and NO PASSWORD) I was able to delete the databases (denial of service, product becomes unusable) and modify the data (customer certificates, configuration of the product, logs, etc.). Tumbeweed refuses to acknowledge this vulnerability, which caused major outrage among my customers. Therefore, I have no choice but to go public about this vulnerability. Please feel free to contact me with ANY questions regarding this issue, although I would like to remain anonymous. Thank you very much. ------------------------------------------------------------ Hey you! Claim your FREE anonymous email account: Click Here -> http://www.anonymous.to <http://www.anonymous.to>
Attachment:
Ingo Wupper.vcf
Description:
Attachment:
Ingo Wupper.vcf
Description:
Current thread:
- Released Patch: Tumbleweed Worldsecure (MMS) BLANK 'sa' account p asswordvuln erability [virus checked] Ingo Wupper (Aug 16)