Forwarded From: William Knowles <erehwon@kizmiaz.dis.org>
[Infoworld] (7.13.98) A security vulnerability has been identified in all
shipping versions of NetWare, including Version 5.0, Beta 3, that renders
NetWare systems susceptible to internal hackers.
NetWare's security holes are coming to light due to the efforts of Nomad
Mobile Research Centre, or NMRC, in Arlington, Texas. The organization,
which focuses on exposing bugs and holes in networking software, has
discovered flaws in the NetWare Core Protocol (NCP) and IPX protocol that
let hackers sniff and capture data during a typical user's log-in
sequence. In so doing, hackers can gain a level of security access
equivalent to the Admin account that has full access to the entire Novell
Directory Services tree and can do virtually anything from a system and
administrative standpoint, an NMRC representative said.
"This bug completely blows Novell's C2 security certification out of the
water," the representative said.
"Novell has to start taking security flaws seriously, and not just making
patches available but actually telling people about them and why they're
important," the representative added.
One Novell executive said the company is not at all passive in notifying
customers of patches.
"We are very proactive in documenting solutions and notifying our
customers of potential security risks," said Michael Simpson, director of
marketing at Novell.
"The work of the NMRC is helpful for our customers, because their
documents list not only potential problems but several viable solutions,"
Simpson added.
One such solution involves resetting the default NCP packet signatures to
Level 3. But even this solution is not foolproof, according to the NMRC.
"Even when set to signature Level 3, it became apparent that not all
packets were being signed," the NMRC representative said.
At least one analyst said this security bug in NetWare could have serious
consequences.
"Any time you can spoof users, security is compromised," said Jim
Balderston, an analyst at Zona Research, in Redwood City, Calif. "At that
point, the damage done is limited only by the maliciousness of the
hacker."
More information on the NetWare security flaw will be posted this week on
the NMRC Web site at http://www.nmrc.org. Also, Novell posts information
and patches at http://www.support.novell.com.
Also this week, Novell plans to launch the latest addition to its
BorderManager line of security and border services solutions, designed to
facilitate the management of remote users and to ensure secure
authentication and access to network resources, Novell officials said.
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Sat Jul 18 12:30:32 1998