Verax NMS Hardcoded Private Key

2013-03-07T00:00:00
ID PACKETSTORM:120687
Type packetstorm
Reporter Andrew Brooks
Modified 2013-03-07T00:00:00

Description

                                        
                                            `Verax NMS Hardcoded Private Key (CVE-2013-1352)  
  
I. BACKGROUND  
----------------------  
Verax NMS provides a service-oriented, unified  
management & monitoring of networks, applications  
and infrastructure enabling quick problem detection,  
root-cause analysis, reporting and automating recovery,  
reducing costs and shortening downtimes of IT service delivery.  
  
Source: http://www.veraxsystems.com/en/products/nms  
  
II. DESCRIPTION  
----------------------  
In versions prior to 2.1.0 of VeraxNMS, the server-side component  
eadministratorconsole-core-1.5.2.jar, contains a method named  
decryptPassword(). This method provides the functionality  
to decrypt a user's password using an implementation of RSA.  
Within com.veraxsystems.eadministratorconsole.remote.service.impl,  
it has been discovered that decryptPassword() uses a static,  
hardcoded private key to facilitate this process. As a result,  
these passwords should be considered insecure due to the fact  
that recovering the private key is decidedly trivial.  
  
III. AFFECTED PRODUCTS  
----------------------  
All versions of Verax NMS prior to 2.1.0 are vulnerable.  
  
IV. RECOMMENDATION  
----------------------  
Users should upgrade to version 2.1.0 of Verax NMS.  
  
V. CREDIT  
----------------------  
This vulnerability was discovered by Andrew Brooks.  
  
VI. REFERENCES  
----------------------  
CVE-2013-1352  
CVE-2013-1351 (Related)  
http://download.veraxsystems.com/download/nms-2.1.0-release-notes.txt  
  
VII. TIMELINE  
----------------------  
1/10/2013 - Vendor notified  
1/11/2013 - Vendor acknowledges bug report  
2/20/2013 - Vulnerability remediated and pushed to mainline  
`