ScriptLogic sets insecure permissions on "LOGS$" share

2003-04-30T00:00:00
ID VU:813737
Type cert
Reporter CERT
Modified 2003-05-01T18:04:00

Description

Overview

Version 4.01 of ScriptLogic contains a vulnerability in the default permissions assigned to the network share used for logging.

Description

The ScriptLogic product from ScriptLogic, Inc. provides remote system administration capabilities for Microsoft Windows systems in a domain. ScriptLogic optionally uses a network share to store logging data. A vulnerability in the default access control for the ScriptLogic logging share (usually named LOGS$, but defined by the administrator at install time) in version 4.01 (as tested by the CERT/CC) allows an end user full access to a network share into which ScriptLogic writes its log files. The ScriptLogic installation program, intended to be run on a server, creates this network share without explicitly setting restrictive share-level permissions. As a result, the Windows default permissions are applied, thereby granting the "Everyone" group full access to the share.

The CERT/CC has verified the existence of this vulnerability in version 4.01 of the ScriptLogic software. Version 4.14 of the ScriptLogic software has been tested by the CERT/CC and shown not to contain this vulnerability. The access permissions on the LOGS$ share have been limited in this version of the ScriptLogic software.


Impact

Any user with access to the share can modify ScriptLogic log records. Additionally, an intruder can consume disk space, introduce malicious code, or store unauthorized files on the open share.

This vulnerability, when used in conjunction with other, unrelated vulnerabilities, could allow an intruder to invoke malicious code they have stored on the open share. Consumption of excessive disk space may also interfere with or halt the ordinary operation of the system housing the LOGS$ share.

The ability to use a network share for logging is an optional feature in the ScriptLogic software. Sites that have not configured logging to a network share are not affected by this vulnerability. Sites that have selected to log to an alternate network share with restricted access may be at a reduced risk for this vulnerability, depending on their environment.


Solution

Upgrade to the latest version of the software

Version 4.14 of the ScriptLogic software has been tested by the CERT/CC and shown not to contain the vulnerability. Users of potentially vulnerable versions of the software are encouraged to upgrade to this version.


Vendor Information

813737

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

ScriptLogic Corporation __ Affected

Notified: October 21, 2002 Updated: April 30, 2003

Status

Affected

Vendor Statement

ScriptLogic Corporation does not agree with CERT/CC’s assessment and does not consider this to be a vulnerability. Additionally, ScriptLogic has never received any reports from customers regarding this alleged vulnerability in any version of the software.

ScriptLogic agrees with CERT’s assessment that version 4.14 of ScriptLogic does not contain this alleged vulnerability.

ScriptLogic encourages all customers to use the most current version of the software. The current version is available for download at the ScriptLogic web support center located at <http://www.scriptlogic.com/support/scriptlogic/sl40/default.asp>.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | |
Temporal | |
Environmental | |

References

<http://www.scriptlogic.com/>

Acknowledgements

This document was written by Chad R Dougherty. Technical assistance during testing was provided by Art Manion and Matt Lytle. The CERT/CC appreciates ScriptLogic, Inc.'s cooperation in providing an updated copy of the software for the purpose of vulnerability testing.

Other Information

CVE IDs: | None
---|---
Severity Metric: | 1.26
Date Public: | 2003-04-30
Date First Published: | 2003-04-30
Date Last Updated: | 2003-05-01 18:04 UTC
Document Revision: | 30