Net Tools PKI Server Allows Unauthorized Access

 
Net Tools PKI Server Allows Unauthorized Access
Reported June 19 by Jim Stickley

DESCRIPTION

A vulnerability exists an OEM version of software incorporated into the Net Tools PKI Server software. Under rare circumstances an intruder could gain unauthorized access to the system hosting the Enrollment and/or Administrative Web servers of the Net Tools PKI package.

The vulnerability involves the XUDA template files, which are included with the package. The templates do not reference absolute pathnames when refering to other files.

According to the discover, "to determine whether anyone has attempted to exploit this vulnerability, check the enroll-access.log and the admin-access.log files in the WebServer/logs directory of your Net Tools PKI Server installation. Search for any log entries which include "x-templates" in the URL. Each entry can then be examined to see the IP address of the computer and what files were accessed."

VENDOR RESPONSE

Network Associates is aware of the problem and has released a patch to correct the matter. Be sure to review the readme.txt file.

CREDITS
Discovered and reported by Jim Stickley