Wiki source code of Security Advisory 2012-09-13
Version 12.1 by Arthur Heffern on 2012/10/09 15:12
Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | This advisory discloses security vulnerabilities that we have found in the iSymphony Server component. | ||
| 2 | |||
| 3 | * **Customers who have downloaded and installed iSymphony **should implement OS-based firewalling to their existing iSymphony installations to fix this vulnerability. (% style="color: rgb(0,0,0);" %) | ||
| 4 | |||
| 5 | (% style="color: rgb(0,0,0);" %)i9 Technologies is committed to improving product security and an update will be posted which addresses this issue.(% style="color: rgb(255,0,0);" %) | ||
| 6 | |||
| 7 | |||
| 8 | If you have questions or concerns regarding this advisory, please raise a support request at [[http:~~/~~/www.getisymphony.com/support>>url:http://www.getisymphony.com/support||shape="rect"]]. | ||
| 9 | |||
| 10 | |||
| 11 | |||
| 12 | {{section}} | ||
| 13 | {{column}} | ||
| 14 | = Security Vulnerabilities = | ||
| 15 | |||
| 16 | == Vulnerability == | ||
| 17 | |||
| 18 | ==== Severity ==== | ||
| 19 | |||
| 20 | HIGH | ||
| 21 | |||
| 22 | ==== Risk Assessment ==== | ||
| 23 | |||
| 24 | iSymphony, by default uses the following TCP ports to communicate with the outside world: | ||
| 25 | |||
| 26 | |=((( | ||
| 27 | TCP Port Number | ||
| 28 | )))|=((( | ||
| 29 | Purpose | ||
| 30 | ))) | ||
| 31 | |((( | ||
| 32 | 50000 | ||
| 33 | )))|((( | ||
| 34 | Client <-> Server Event Communication | ||
| 35 | ))) | ||
| 36 | |((( | ||
| 37 | 50001 | ||
| 38 | )))|((( | ||
| 39 | Command Line Interface | ||
| 40 | ))) | ||
| 41 | |((( | ||
| 42 | 50002 | ||
| 43 | )))|((( | ||
| 44 | Text Based Presence Status Socket | ||
| 45 | ))) | ||
| 46 | |(% colspan="1" %)(% colspan="1" %) | ||
| 47 | ((( | ||
| 48 | 50003 | ||
| 49 | )))|(% colspan="1" %)(% colspan="1" %) | ||
| 50 | ((( | ||
| 51 | Embedded HTTP Server To Serve Java WebStart (JNLP) Files | ||
| 52 | ))) | ||
| 53 | |||
| 54 | iSymphony Server TCP sockets on the above listed TCP port numbers do not have IP/Subnet based permission schema. If your iSymphony Server installation's ports 50001 to 50003 are accessible via a network connection and not firewalled, the the above ports may be subject to malicious attackers, or internal organization information may be obtained from telnet based usage of this port **(see note below)**. | ||
| 55 | |||
| 56 | {{info title="Encryption"}} | ||
| 57 | Port 50000 does utilize encryption for server-client authentication and message passing, so it would be incredibly unlikely for malicious attackers to utilize this port in any meaningful fashion. | ||
| 58 | {{/info}} | ||
| 59 | |||
| 60 | ==== Vulnerability ==== | ||
| 61 | |||
| 62 | iSymphony does not provide a mechanism implementing IP based permissions allowing for selective source-address connections to the iSymphony Command Line or Text Based Interfaces. | ||
| 63 | |||
| 64 | ==== Fix ==== | ||
| 65 | |||
| 66 | Utilize IPTables / IPChains (Linux), IPFW (BSD), 3rd Party Firewall implementation or appliance to effect firewalling based filtering prohibiting access to TCP Port 50001 on machine hosting the iSymphony Server component. | ||
| 67 | {{/column}} | ||
| 68 | |||
| 69 | {{column width="300px"}} | ||
| 70 | |||
| 71 | |||
| 72 | ** | ||
| 73 | ** | ||
| 74 | |||
| 75 | {{panel title="In this advisory"}} | ||
| 76 | |||
| 77 | |||
| 78 | {{toc maxLevel="4" minLevel="2"/}} | ||
| 79 | {{/panel}} | ||
| 80 | |||
| 81 | |||
| 82 | |||
| 83 | |||
| 84 | |||
| 85 | |||
| 86 | {{/column}} | ||
| 87 | {{/section}} |