Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

timbuktu-pwn.txt

🗓️ 07 Oct 2008 00:00:00Reported by WintercoreType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 29 Views

Public warning for users of Timbuktu Remote Control Software regarding security vulnerability in Internet Locator service. Hardcoded user/password pair in SALT.dll allows unauthorized access to user records including IP, email, and license information

Code
`  
  
We just want to make a public warning to those users of Motorola/Netopia  
Timbuktu Remote Control Software who are using the Internet Locator  
service. This service allows to locate any Timbuktu's user just by  
knowing the email.  
  
More than five months ago we notified Netopia's customer support  
(http://blog.wintercore.com/?p=21), after discovering a hardcoded  
user/password pair within SALT.dll.  
  
---------------  
v 8.6.5.1373  
Dll: SALT.dll  
Address: 0x604b83D4  
PE section: .rdata  
user: xa7z8  
pass: e74sa9  
url: findme.netopia.com/_REMOVE_THIS_findme/  
---------------  
  
By using this information it was possible to access, in real-time, to  
hundreds of users' records containing their IP, email, software version  
and information related to the license.  
  
We have received no reply since then. 5 months after, we have found out  
what we would say an "obvious" patch:  
"if the problem was the user/password, well, let's remove it!. Fixed.".  
Really hilarious.  
  
Now, *everyone* can access those records without having valid credentials.  
  
Taking into account that there are remote exploits available for that  
software, that everyone can grab your IP and software version, and that  
there are emails from government, military and high-profile corporate  
staff, better you disable that feature.  
  
  
--   
  
Wintercore  
Agustin de Betancourt, 21. 8th Floor.  
28003 Madrid. Spain.  
Phone: +(34) 91 395 63 40  
www.wintercore.com  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
07 Oct 2008 00:00Current
7.4High risk
Vulners AI Score7.4
timbuktu remote control softwaresecurity vulnerabilityhardcoded user passwordsalt.dllunauthorized accessuser recordsinternet locator service.
29