Bugtraq mailing list archives
RE: BindView NetInventory NetRC hostcfg_ni password passed in clear text
From: "Blake, Scott" <SBlake () bindview com>
Date: Wed, 13 Feb 2002 17:04:06 -0600
In January, a bug in NETinventory was discovered when the product is used in conjunction with NETrc. When using these two products, NETinventory writes a file named hostcfg._ni that is stored on the machine, which contains the encrypted NETrc password. A user can delete that file, then force a new audit from the netlogon directory. When this occurs, NETinventory looks for that file, and if it is not present, rewrites the file. During the rewrite, the file is stored as hostcfg.ini until the audit is completed, which means that the password is in clear text until the audit is completed.

Although this process takes only a matter of seconds, requires physical access to the machine, and will only provide access to the NETrc proxy, it is a security flaw that BindView is aware of and addressing at this moment. A fix has been available since January 30th for this issue at: ftp://ftp.bindview.com/Products/NETrc/NETinventory_NETrc_HotFix.zip.

-----
Scott Blake
VP, Information Security
BindView Corporation
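The flaw described in the message is a cleartext staging file (hostcfg.ini) that exists on disk until the protected hostcfg._ni replaces it. As an added example, not BindView's code or its hotfix, the Python below shows a rewrite that never stages cleartext plus a check for leftover cleartext; the function names, the key=value layout and the `protect` callable (a stand-in for the product's own encryption) are assumptions.

```python
import os
import tempfile


def rewrite_config_safely(final_path, settings, protect):
    """Rewrite final_path without a cleartext copy ever touching the disk.

    settings: dict of str -> str (assumed key=value layout).
    protect:  callable(bytes) -> bytes, stand-in for the real encryption.
    """
    # Protect the secret in memory first, so no staging file holds it in the clear.
    plain = "\n".join(f"{k}={v}" for k, v in sorted(settings.items())).encode()
    body = protect(plain)
    directory = os.path.dirname(os.path.abspath(final_path))
    # mkstemp creates the file exclusively, owner-only (0600) on POSIX.
    fd, tmp_path = tempfile.mkstemp(prefix=".hostcfg-", dir=directory)
    try:
        with os.fdopen(fd, "wb") as tmp:
            tmp.write(body)
            tmp.flush()
            os.fsync(tmp.fileno())
        # Atomic swap: a reader sees the old file or the complete new one.
        os.replace(tmp_path, final_path)
    except BaseException:
        if os.path.exists(tmp_path):
            os.unlink(tmp_path)
        raise
    return final_path


def cleartext_on_disk(directory, secret):
    """Return the names of files in directory whose bytes contain secret."""
    hits = []
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if os.path.isfile(path):
            with open(path, "rb") as fh:
                if secret in fh.read():
                    hits.append(name)
    return hits
```

`cleartext_on_disk` can be run against the directory while an audit is forced to confirm whether a given build still exposes the password during the rewrite.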