ID

VAR-200001-0069

TITLE

Intel InBusiness E-mail Workstation Security Vulnerability

DESCRIPTION

Intel InBusiness E-mail is a small application server. This product has a security vulnerability that allows unauthorized remote attackers to delete arbitrary files on the hard disk and change the configuration file of the e-mail workstation. Under certain conditions, remote attackers also It is possible to read the e-mail of any user in the system. Details: This e-mail workstation runs the VxWorks operating system and uses a 486 SX25 processor. A daemon called "daynad" is bound to TCP port 244. By connecting to this service port, you can execute many commands without going through any security authentication. By simply establishing a TCP connection to this port, the following commands can be executed: FormSet: After the next restart, this e- The mail workstation will be restored to the factory state. In this state, the e-mail workstation will use a DHCP server to obtain its own IP address. This also means that the attacker can connect to e without any password after the next restart. -Mail workstation and complete control of the entire device. FormProtect: After the next restart, the e-mail workstation will be restored to the factory state and all passwords will be disabled. Only reconnecting Use the FormSet command to restore to port 244. MakeDir: Create a directory on the hard disk Remove: Remove the specified file from the hard disk, which may be the user's mail or other files. Z: This command will provide a UNIX-type login prompt interface. Enter the password of the super user to enter. If the password is reset using FormSet, the attacker may log in without the password. Once logged in, the attacker may execute arbitrary commands to operate the hard disk. & Lt; * Source: Kit Knox (kit@CONNECTNET.COM) *>. e-mail

IOT TAXONOMY

AFFECTED PRODUCTS

CVSS

TYPE

Buffer overflow

EXTERNAL IDS

SOURCES

LAST UPDATE DATE

2022-05-17T02:05:39.822000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE