Re: Remote Tools w/Exceed v.6.0.1.0 fer 95

From: Robby Dunkerson (Robby_Dunkersonat_private)
Date: Thu Dec 03 1998 - 09:15:54 PST

Next message: Shaw, Daniel J.: "Re: Remote Tools w/Exceed v.6.0.1.0 fer 95"

Previous message: Sparks, Michael ME: "Remote Tools w/Exceed v.6.0.1.0 fer 95"
Maybe in reply to: Sparks, Michael ME: "Remote Tools w/Exceed v.6.0.1.0 fer 95"
Next in thread: Shaw, Daniel J.: "Re: Remote Tools w/Exceed v.6.0.1.0 fer 95"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We had this same probem with the NT version.  It does not occur with 6.1
for NT.  I have not tested it with 95.

robby dunkerson
unix/nt systems administrator
veritas dgc.





"Sparks, Michael ME" <Sparks.Michael.MEat_private> on 12/02/98 08:56:53 AM

Please respond to Bugtraq List <BUGTRAQat_private>

To:   BUGTRAQat_private
cc:    (bcc: Robby Dunkerson/HOU/HPC/VDGC)

Subject:  Remote Tools w/Exceed v.6.0.1.0 fer 95




Hello All,

        I was just looking through my root directory and noticed a file
called test.log.  This file contains the machine name, username, and
password all in clear text for the machine that you are rexec'ing to.

Ex:

========================================================================
C:\WINDOWS\SYSTEM\HUMMBIRD\RSHCTRL.OCX - Wed Dec 02 08:47:11 1998
========================================================================
Socket Success: Family = 2, Type = 1, Protocol = 0, New Socket = 20
IoctlSocket Success: Socket = 20, Cmd = 8004667E, Arg = 1
Bind Success: Socket = 20, Addr = 0.0.0.0,631
Connect Error: Socket = 20, Addr = ??.??.??.??,512, Error = 10035
Send Success: Socket = 20, Flags = 0, Sent 1 of 1
 00                                               .

Send Success: Socket = 20, Flags = 0, Sent 14 of 14
 74 68 69 73 69 73 6D 79 6C 6F 67 69 6E 00        thisismylogin.

Send Success: Socket = 20, Flags = 0, Sent 17 of 17
 74 68 69 73 69 73 6D 79 70 61 73 73 77 6F 72 64  thisismypassword

 00                                               .

Send Success: Socket = 20, Flags = 0, Sent 3 of 3
 6C 73 00                                         ls.

Recv Success: Socket = 20, Flags = 0, Len = 19
 01 70 61 73 73 77 6F 72 64 20 74 6F 6F 20 6C 6F  .password too lo

 6E 67 0A                                         ng.

Recv Success: Socket = 20, Flags = 0, Len = 0
Close Success: Socket = 20
========================================================================

I don't know if anyone uses rtools but if you do and user rexec just
beware.
I was able to disable this by echo "" > c:\test.log ; attrib +r
c:\test.log.

        I apoligize if this is known and or not in the apropriate context
of
this list.


                Michael Sparks
        sparks.michael.meat_private
                Systems Administrator
        "Tis most impossible to remove a misunderstanding." A.

Next message: Shaw, Daniel J.: "Re: Remote Tools w/Exceed v.6.0.1.0 fer 95"
Previous message: Sparks, Michael ME: "Remote Tools w/Exceed v.6.0.1.0 fer 95"
Maybe in reply to: Sparks, Michael ME: "Remote Tools w/Exceed v.6.0.1.0 fer 95"
Next in thread: Shaw, Daniel J.: "Re: Remote Tools w/Exceed v.6.0.1.0 fer 95"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:24:29 PDT