
Novell Access Rights




        _______________________________________________________
              The Computer Incident Advisory Capability
                          ___  __ __    _     ___
                         /       |     / \   /
                         \___  __|__  /___\  \___
         _____________________________________________________
                         Information Bulletin
 
              Novell NetWare Access Rights Vulnerability

OCT 14, 1992 0900 PDT                                       Number D-01
________________________________________________________________________
PROBLEM:  A vulnerability has been discovered which may allow any Novell
          NetWare user to obtain unauthorized privileges
PLATFORM: PC/MS-DOS with Novell NetWare 3.x, 2.x, and NetWare for UNIX
DAMAGE:   Compromise of server integrity
SOLUTION: Obtain and apply software enhancements available from Novell;
          prudent NetWare administration
________________________________________________________________________
 Critical Facts about the Novell NetWare Access Rights Vulnerability

CIAC has learned of a network security threat that allows any Novell
user, equipped with a special program, to gain the access rights
assignable by any other user currently attached to the server.  This
vulnerability affects NetWare 3.x, NetWare 2.x, and NetWare for Unix.

CIAC recommends that you obtain the Phase I security enhancements as
soon as they are available.  They are scheduled to be released by
Novell by the end of October.  NetWare 3.x and 2.x customers will be
able to obtain the enhancements via anonymous ftp from
ftp.IS.Sandy.Novell.COM (137.65.12.2) as well as via NetWire
(Compuserve) and NetWare Express (GE Information Services).  NetWare
for Unix customers should contact the NetWare for Unix partner who
provided them the software.  Help is available from the Novell
customer information line 1-800-NETWARE.

As a general precaution, and as an interim measure until the Phase I
patches are released, Novell recommends the following security
practices:

  *  Use the NetWare utility "SECURITY" to detect insecure access
     points to the server.

  *  Require passwords on all accounts.

  *  Force periodic password changes.

  *  Require unique passwords.

  *  Limit access rights and security equivalences.

  *  Limit concurrent connections.

  *  Enforce login time restrictions.

  *  Enforce login station restrictions.

  *  Enable intruder detection.

  *  Secure unattended workstations to avoid unauthorized use.

In addition, CIAC recommends that you minimize or eliminate supervisor
activity concurrent with non-privileged connections until Phase I is
available; and further recommends that you activate all applicable
NetWare security features and install the most recent versions of
system software, client software, and other patches.

Novell informs us that, to their knowledge, programs to exploit this
vulnerability have not yet been found outside laboratories, and that
the technique used to create the security threat, known as packet
spoofing or packet forging, is inherent to all client-server
architectures that have not taken specific protective actions.  CIAC
believes that because of the increasing publicity of this technique,
the vulnerability could soon be exploited by the hacker/cracker
community.
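
The sketch below is an added example, not code from CIAC or Novell. It
shows why a server that attributes requests by a header field alone is
open to packet forging, and one generic protective action: a per-session
keyed MAC with a sequence number. The wire format, the names, and the
use of HMAC-SHA256 are assumptions for illustration and do not describe
the Phase I enhancements.

```python
import hashlib
import hmac
import os
import struct

# Constructed toy protocol: not the NetWare wire format or Novell's fix.
HEADER = struct.Struct("!HI")  # connection number, sequence number
TAG_LEN = 32  # HMAC-SHA256 tag length


class Server:
    def __init__(self, require_mac):
        self.require_mac = require_mac
        self.sessions = {}  # connection number -> session state

    def login(self, conn, user):  # login itself is out of scope; returns the key
        self.sessions[conn] = {"user": user, "key": os.urandom(32), "seq": 0}
        return self.sessions[conn]["key"]

    def handle(self, packet):
        """Return the user the request is attributed to, or None if rejected."""
        if len(packet) < HEADER.size + (TAG_LEN if self.require_mac else 0):
            return None
        conn, seq = HEADER.unpack_from(packet)
        session = self.sessions.get(conn)
        if session is None:
            return None
        if self.require_mac:
            signed, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
            good = hmac.new(session["key"], signed, hashlib.sha256).digest()
            if not hmac.compare_digest(tag, good) or seq <= session["seq"]:
                return None  # bad tag, or replayed/stale sequence number
            session["seq"] = seq
        return session["user"]


def build_request(conn, seq, payload, key=None):
    """Header plus payload, with an HMAC tag when a session key is given."""
    packet = HEADER.pack(conn, seq) + payload
    if key is not None:
        packet += hmac.new(key, packet, hashlib.sha256).digest()
    return packet


def attributed_user(require_mac):
    """Who does a request claiming connection 1, built without its key, run as?"""
    server = Server(require_mac)
    server.login(1, "SUPERVISOR")
    return server.handle(build_request(1, 1, b"grant rights") + bytes(TAG_LEN))
```

With require_mac off, the request is attributed to whoever owns the
claimed connection number; with it on, the same request is rejected
because the sender does not hold that session's key.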

CIAC would like to thank Novell for providing the security practices,
access information, and general support for our efforts concerning
this issue.  We would also like to acknowledge the efforts of SURFnet
Computer Emergency Response Team CERT-NL for alerting us to this
situation.

For additional information or assistance, please contact CIAC at
(510) 422-8193 / FTS or send e-mail to ciac@llnl.gov.  FAX messages
to: (510) 423-8002 / FTS.

PLEASE NOTE: Many users outside of the DOE and ESnet computing
communities receive CIAC bulletins.  If you are not part of these
communities, please contact your agency's response team to report
incidents.  Some of the other teams include the NASA NSI response
team, DARPA's CERT/CC, NAVCIRT, and the Air Force response team.  Your
agency's team will coordinate with CIAC.

This document was prepared as an account of work sponsored by an
agency of the United States Government.  Neither the United States
Government nor the University of California nor any of their
employees, makes any warranty, expressed or implied, or assumes any
legal liability or responsibility for the accuracy, completeness, or
usefulness of any information, product, or process disclosed, or
represents that its use would not infringe privately owned rights.
Reference herein to any specific commercial products, process, or
service by trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation, or
favoring by the United States Government or the University of
California.  The views and opinions of authors expressed herein do not
necessarily state or reflect those of the United States Government nor
the University of California, and shall not be used for advertising or
product endorsement purposes.


======================================================================


