Forwarded From: William Knowles <erehwont_private> [Infoworld] (7.13.98) A security vulnerability has been identified in all shipping versions of NetWare, including Version 5.0, Beta 3, that renders NetWare systems susceptible to internal hackers. NetWare's security holes are coming to light due to the efforts of Nomad Mobile Research Centre, or NMRC, in Arlington, Texas. The organization, which focuses on exposing bugs and holes in networking software, has discovered flaws in the NetWare Core Protocol (NCP) and IPX protocol that let hackers sniff and capture data during a typical user's log-in sequence. In so doing, hackers can gain a level of security access equivalent to the Admin account that has full access to the entire Novell Directory Services tree and can do virtually anything from a system and administrative standpoint, an NMRC representative said. "This bug completely blows Novell's C2 security certification out of the water," the representative said. "Novell has to start taking security flaws seriously, and not just making patches available but actually telling people about them and why they're important," the representative added. One Novell executive said the company is not at all passive in notifying customers of patches. "We are very proactive in documenting solutions and notifying our customers of potential security risks," said Michael Simpson, director of marketing at Novell. "The work of the NMRC is helpful for our customers, because their documents list not only potential problems but several viable solutions," Simpson added. One such solution involves resetting the default NCP packet signatures to Level 3. But even this solution is not foolproof, according to the NMRC. "Even when set to signature Level 3, it became apparent that not all packets were being signed," the NMRC representative said. At least one analyst said this security bug in NetWare could have serious consequences. "Any time you can spoof users, security is compromised," said Jim Balderston, an analyst at Zona Research, in Redwood City, Calif. "At that point, the damage done is limited only by the maliciousness of the hacker." More information on the NetWare security flaw will be posted this week on the NMRC Web site at http://www.nmrc.org. Also, Novell posts information and patches at http://www.support.novell.com. Also this week, Novell plans to launch the latest addition to its BorderManager line of security and border services solutions, designed to facilitate the management of remote users and to ensure secure authentication and access to network resources, Novell officials said. -o- Subscribe: mail majordomot_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:58:36 PDT