Netware IPX管理会话伪骗漏洞

漏洞信息详情

Netware IPX管理会话伪骗漏洞

• CNNVD编号：CNNVD-199907-018
• 危害等级： 超危
  
  
• CVE编号：
  CVE-1999-1086
  
• 漏洞类型：
  
  
  配置错误
  
• 发布时间：
  
  1999-07-15
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  novell
• 漏洞来源：
  NMRC advisory post…

Novell 5及之前版本，在运行于包签名小于3级的IPX时存在漏洞。远程攻击者通过伪造IPC碎片数据包中的MAC地址获得管理特权，其中的IPC碎片数据包会引起NetWare Core Protocol (NCP)的调用。

Quoted verbatim from the NMRC advisory:
Use Packet Signature Level 3 everywhere, and make sure clients cannot touch their own signature settings. LAN Admins should never access a server unless using Level 3, and the security on the workstation should be restrictive enough to prevent unauthorized adjustments (i.e. use a locked-down NT client with no server services running, behind a locked door, although this simply places your trust in Microsoft). Use switched Ethernet.

来源: BID
名称: 528
链接:http://www.securityfocus.com/bid/528

来源: BUGTRAQ
名称: 19990715 NMRC Advisory: Netware 5 Client Hijacking
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=93214475111651&w=2