I could not say, but I would not be at all surprised. APC had a similar hole in earlier (pre mid last year) versions of their powerchute nlm for netware. When they released their Powerchute-VS line the included software was able to manage (without authentication) servers that were running the full version of powerchute. It basically allowed anyone to with the powerchute VS software to manage the APC on the Powerchute server, and _yes_ you could powerdown the server. They do have newer version which should fix this. One of the versions is for Netware 4.x and supposedly solves the problem via always authenticating to NDS. I believe that the version for Netware 3.x servers simply uses a new SAP type (security through obscurity). If this is the only change, then with the appropriate tools (Powerchute-VS hacked to listen to the new SAP type) then the newer NLM for netware 3.x would have the same liabilities. Gotta love it! -Iain On 13 Apr 98 at 5:53, Chris Liljenstolpe - Network wrote: > Greetings, > > I hope that this UDP port (I haven't looked at PowerChute) is just used > by the UPS's to report problems, and that PowerChute doesn't use that to > make critical decisions (like shutdown). I know PowerChute CAN be used to > shutdown the system, I just don't know if that feature can be triggered by a > network reported event. That makes for an even better exploit.... > > Chris > ******************************************* Iain P.C. Moffat College of Health Professions University of Florida ipmat_private *******************************************
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:49:14 PDT