Wiki source code of Security Advisory 2012-09-13
Version 10.1 by Arthur Heffern on 2012/10/09 15:08
Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | |||
| 2 | |||
| 3 | (% style="color: rgb(0, 0, 0); color: rgb(51, 51, 51)" %)This advisory discloses security vulnerabilities that we have found in the iSymphony Server component. | ||
| 4 | |||
| 5 | * **Customers who have downloaded and installed iSymphony **should implement OS-based firewalling to their existing iSymphony installations to fix this vulnerability. (% style="color: rgb(0,0,0);" %) | ||
| 6 | |||
| 7 | (% style="color: rgb(0,0,0);" %)i9 Technologies is committed to improving product security and an update will be posted which addresses this issue.(% style="color: rgb(255,0,0);" %) | ||
| 8 | |||
| 9 | |||
| 10 | If you have questions or concerns regarding this advisory, please raise a support request at [[http:~~/~~/www.getisymphony.com/support>>url:http://www.getisymphony.com/support||shape="rect"]]. | ||
| 11 | |||
| 12 | |||
| 13 | |||
| 14 | {{section}} | ||
| 15 | {{column}} | ||
| 16 | = Security Vulnerabilities = | ||
| 17 | |||
| 18 | == Vulnerability == | ||
| 19 | |||
| 20 | ==== Severity ==== | ||
| 21 | |||
| 22 | HIGH | ||
| 23 | |||
| 24 | ==== Risk Assessment ==== | ||
| 25 | |||
| 26 | iSymphony, by default uses the following TCP ports to communicate with the outside world: | ||
| 27 | |||
| 28 | |=((( | ||
| 29 | TCP Port Number | ||
| 30 | )))|=((( | ||
| 31 | Purpose | ||
| 32 | ))) | ||
| 33 | |((( | ||
| 34 | 50000 | ||
| 35 | )))|((( | ||
| 36 | Client <-> Server Event Communication | ||
| 37 | ))) | ||
| 38 | |((( | ||
| 39 | 50001 | ||
| 40 | )))|((( | ||
| 41 | Command Line Interface | ||
| 42 | ))) | ||
| 43 | |((( | ||
| 44 | 50002 | ||
| 45 | )))|((( | ||
| 46 | Text Based Presence Status Socket | ||
| 47 | ))) | ||
| 48 | |(% colspan="1" %)(% colspan="1" %) | ||
| 49 | ((( | ||
| 50 | 50003 | ||
| 51 | )))|(% colspan="1" %)(% colspan="1" %) | ||
| 52 | ((( | ||
| 53 | Embedded HTTP Server To Serve Java WebStart (JNLP) Files | ||
| 54 | ))) | ||
| 55 | |||
| 56 | iSymphony Server TCP sockets on the above listed TCP port numbers do not have IP/Subnet based permission schema. If your iSymphony Server installation's ports 50001 to 50003 are accessible via a network connection and not firewalled, the the above ports may be subject to malicious attackers, or internal organization information may be obtained from telnet based usage of this port **(see note below)**. | ||
| 57 | |||
| 58 | |||
| 59 | |||
| 60 | {{info title="Encryption"}} | ||
| 61 | Port 50000 does utilize encryption for server-client authentication and message passing, so it would be incredibly unlikely for malicious attackers to utilize this port in any meaningful fashion. | ||
| 62 | {{/info}} | ||
| 63 | |||
| 64 | ==== Vulnerability ==== | ||
| 65 | |||
| 66 | iSymphony does not provide a mechanism implementing IP based permissions allowing for selective source-address connections to the iSymphony Command Line Interface. | ||
| 67 | |||
| 68 | ==== Fix ==== | ||
| 69 | |||
| 70 | Utilize IPTables / IPChains (Linux), IPFW (BSD), 3rd Party Firewall implementation or appliance to effect firewalling based filtering prohibiting access to TCP Port 50001 on machine hosting the iSymphony Server component. | ||
| 71 | {{/column}} | ||
| 72 | |||
| 73 | {{column width="300px"}} | ||
| 74 | |||
| 75 | |||
| 76 | ** | ||
| 77 | ** | ||
| 78 | |||
| 79 | {{panel title="In this advisory"}} | ||
| 80 | |||
| 81 | |||
| 82 | {{toc maxLevel="4" minLevel="2"/}} | ||
| 83 | {{/panel}} | ||
| 84 | |||
| 85 | |||
| 86 | |||
| 87 | |||
| 88 | |||
| 89 | |||
| 90 | {{/column}} | ||
| 91 | {{/section}} |