Auerswald COMsuite/ Back Door

2007-10-23 / 2007-10-24
Credit: Sebastian Schreiber
Risk: Medium
Local: Yes
Remote: Yes
CVE: CVE-2003-1457
CWE: N/A


CVSS Base Score: 4.6/10
Impact Subscore: 6.4/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

------------------------------------------------------------------------ SySS-Advisory: Auerswald COMsuite/ Back Door DATE: April 16th 03 (Published 29th April 03) AUTHOR: Sebastian Schreiber <Schreiber (at) SySS (dot) de [email concealed]> SySS GmbH 72070 Tbingen / Germany Tel.: +49-7071-407856-0 AFFECTED SYSTEMS: Auerswald COMsuite CTI ControlCenter 3,1,2001,6 (also known as: 3.1 06/2001) (see: www.auerswald.de) DESCRIPTION: If you install the CTI applicaton "Auerswald COMsuite CTI Control Center" a user "runasositron" is created. The user's password is known by SySS and very easy to guess (using L0phtCrack for example). IMPACT: This account can be used locally and remotely to access the Windows PC on which COMsuite is installed. WORKAROUND: Deactivate the user. CTI still works. VENDOR STATUS: Auerswald has been contacted on April 15th 2003. Auerswald told me that deactivating the account might disable fax/voice mail if nobody is logged on. Best regards, Dipl.-Inform. Pierre Kroma Security Consultant ======================================================== SySS GmbH 72070 Tbingen Germany Voice: ++49 7071-407856-0 mailto: Kroma (at) syss (dot) de [email concealed] Key fingerprint = 927A B13E 16F5 BBAB 8F17 75EB D8E1 A9A4 F257 4EEC


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top