SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (Generic)  >   PowerChute Vendors:   American Power Conversion Corp.
APC PowerChute Plus for Windows Default Configuration Creates a Shared Folder with World Writeable Permissions
SecurityTracker Alert ID:  1004686
SecurityTracker URL:  http://securitytracker.com/id/1004686
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jul 3 2002
Impact:   Disclosure of system information, Modification of system information
Exploit Included:  Yes  
Version(s): PowerChute Plus 5.0.2
Description:   A vulnerability was reported in APC's PowerChute software. Under the default configuration, a remote user can access the PowerChute folder with write privileges via Windows networking.

It is reported that the default installation creates the folder 'Program Files\Pwrchute ' and shares this folder via Windows networking with the name 'PWRCHUTE' and with world writeable permissions.

A remote user can access the folder and modify the programs in the folder.

According to the report, Dmitry Zubov <dimka at dz.dn.ua> reported this vulnerability in the following message:

http://www.security.nnov.ru/search/news.asp?binid=2064

Impact:   A remote user can access the shared folder and modify the PowerChute programs in the folder.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.apc.com/ (Links to External Site)
Cause:   Access control error, Configuration error
Underlying OS:   Windows (95), Windows (98)

Message History:   None.


 Source Message Contents

Date:  Thu, 20 Jun 2002 14:00:51 +0400
Subject:  bugtraq@security.nnov.ru list issues


Dear bugtraq@securityfocus.com,

  There  were  few  issues  reported to bugtraq@security.nnov.ru list in
  Russian during last months.

  This issues have no relation to SECURITY.NNOV team.
  Please contact authors directly if you have any questions.
  

  1.   Dmitry   Zubov  <dimka  at  dz.dn.ua>  reports  vulnerability  in
  APC PowerChute for Windows 95/98:

   APC  (American  Power  Conversion Corp.) http://www.apc.com
   PowerChute plus 5.0.2 for Windows 95/98

   During  installation  Program  Files\Pwrchute  folder  is  shared  as
   PWRCHUTE  world  writable  without  user  notification.  It  makes it
   possible to trojan program files.

   References:
   http://www.security.nnov.ru/search/news.asp?binid=2064

  2.  A.V.  Komlin <avkvladru at mail.ru> reports few vulnerabilities in
  El Gamal - based algorithms

   A  weakness  found  in  El  Gamal - based algorithms allows to create
   valid signature without knowledge of private key by introducing minor
   modifications  in document. This problem is known to exist in Russian
   official  GOST  34.19-2001  standard.  It's  not  known if it affects
   ECDSA.  There  are  also  few  minor  problems  mostly connected with
   unclear border values definitions.

   References:
   http://www.security.nnov.ru/search/news.asp?binid=1917
   http://www.bugtraq.ru/cgi-bin/forum.mcgi?type=sb&b=15&m=46049


  3.  There  was  also  report by DocSoft <docsoft at mail.ru> on buffer
  overflow  in  some  older version of ncftpd on Solaris , but I was not
  able to reproduce it at least on demo version of ncftpd >= 2.5.0 under
  FreeBSD,  so  it  was  bounced.  Overflow  is on FTP DELE command with
  buffer  >  256  bytes. Feel free to contact DocSoft if you can confirm
  vulnerability.

-- 
http://www.security.nnov.ru
         /\_/\
        { , . }     |\
+--oQQo->{ ^ }<-----+ \
|  ZARAZA  U  3APA3A   }
+-------------o66o--+ /
                    |/
You know my name - look up my number (The Beatles)

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC