Vulnerability Development mailing list archives
Re: Exposures in MQ and CORBA
From: mark () ZANG COM (Mark (Mookie))
Date: Fri, 31 Mar 2000 18:41:44 -0800
I am trying to learn more about security exposures associated with MQ and CORBA. Does anyone have any good references or opinions?
Just anecdotes. Most MQ setups don't adequately revoke permissions on queues and/or channels. Whilst auditing a national MQ Series network I was able to connect as a client and alter the queue settings for remote queues that a client had no business accessing. This gave me control over message routing, enabling me to spy on the payloads if I wished. In that case the performance of the changed routing was a giveaway, but often it'd go unnoticed if you didn't break anything. Most admins' knowledge of MQ Series is cursory to say the least, even if they work for IBM themselves.

If you are contemplating the use of MQ Series then find yourself a consultant to go through your configuration and fix the default holes. Once you get past the IBM "yeeach" of it, it's not a bad product.

Cheers,
Mark.
mark () zang com