Title: NetcPlus SmartServer3 Weak Encryption Vulnerability
Severity: MODERATE
Description:
SmartServer3 is an email server designed for small networks.
A design error in SmartServer3 enables an authenticated user to view other users' login information and possibly gain access to their passwords. By default, SmartServer3 installs in the C:\ProgramFiles\smartserver3\ directory and includes a configuration file called dialsrv.ini. This file is readable by all Windows authenticated users and contains detailed user login information, including each user's encrypted password. However, SmartServer3 uses a weak encryption scheme that can easily be broken with a third-party utility.
Successful exploitation yields unauthorized access to private data.
The following example of user login information found in the dialsrv.ini file is provided by Steven Alexander <steve@cell2000.net>:
[USER1]
realname=Carl Jones
id=Carl
dir=CARL
pw=~:kC@nD3~:
extml=0
alertport=
alert=
UserActive=1
MailLimit=0
MailMAxWarn=0
MailMaxSize=20
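The following audit script is an added example, not NetcPlus code: it parses the [USERn] sections of a dialsrv.ini in the layout shown above and reports which active accounts have a stored pw= value, so an administrator can gauge how much credential material the world-readable file exposes. The sample file contents and the extra user entries are constructed for the example.

```python
"""Audit a SmartServer3 dialsrv.ini for stored credential material.

Added example, not part of SmartServer3. The INI text below is
constructed: USER1 mirrors the advisory's entry, USER2 and USER3 are
made up to exercise the inactive and empty-password cases.
"""
import configparser
from typing import Dict, List

SAMPLE_INI = """
[USER1]
realname=Carl Jones
id=Carl
dir=CARL
pw=~:kC@nD3~:
extml=0
alertport=
alert=
UserActive=1
MailLimit=0

[USER2]
realname=Dana Example
id=Dana
dir=DANA
pw=~:XyZ9~:
UserActive=0

[USER3]
realname=Eve Example
id=Eve
dir=EVE
pw=
UserActive=1
"""


def parse_users(text: str) -> List[Dict[str, str]]:
    """Return one dict per [USER*] section; configparser lower-cases keys."""
    cp = configparser.ConfigParser(interpolation=None)  # pw values may hold '%'
    cp.read_string(text)
    return [dict(cp[s], section=s) for s in cp.sections() if s.upper().startswith("USER")]


def audit_credentials(text: str) -> Dict[str, List[str]]:
    """Group login ids by exposure: active accounts with a stored pw= are 'exposed'."""
    findings: Dict[str, List[str]] = {"exposed": [], "inactive": [], "no_password": []}
    for user in parse_users(text):
        login = user.get("id") or user["section"]
        if not user.get("pw"):
            findings["no_password"].append(login)
        elif user.get("useractive", "1") != "1":
            findings["inactive"].append(login)
        else:
            findings["exposed"].append(login)
    return findings


if __name__ == "__main__":
    for category, logins in audit_credentials(SAMPLE_INI).items():
        print(f"{category}: {', '.join(logins) or '-'}")
```

Run it against the real file (open it and pass the text to audit_credentials) to list every account whose reversible password the file discloses; the fix is to restrict the file's NTFS ACL to the service account and administrators until the vendor changes the storage scheme.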
Affected Products:
- NetcPlus SmartServer3 3.75.0
References:
- NetcPlus: SmartServer3 Homepage