Wiki source code of Security Advisory 2012-09-13
Last modified by Arthur Heffern on 2021/09/10 23:37
Show last authors
author | version | line-number | content |
---|---|---|---|
1 | This advisory discloses security vulnerabilities that we have found in the iSymphony Server component. | ||
2 | |||
3 | * **Customers who have downloaded and installed iSymphony **should implement OS-based firewalling to their existing iSymphony installations to fix this vulnerability. (% style="color: rgb(0,0,0);" %) | ||
4 | |||
5 | (% style="color: rgb(0,0,0);" %)i9 Technologies is committed to improving product security and an update will be posted which addresses this issue.(% style="color: rgb(255,0,0);" %) | ||
6 | |||
7 | |||
8 | If you have questions or concerns regarding this advisory, please raise a support request at [[http:~~/~~/www.getisymphony.com/support>>url:http://www.getisymphony.com/support||shape="rect"]]. | ||
9 | |||
10 | |||
11 | |||
12 | {{section}} | ||
13 | {{column}} | ||
14 | = Security Vulnerabilities = | ||
15 | |||
16 | == Vulnerability == | ||
17 | |||
18 | ==== Severity ==== | ||
19 | |||
20 | HIGH | ||
21 | |||
22 | ==== Risk Assessment ==== | ||
23 | |||
24 | iSymphony, by default uses the following TCP ports to communicate with the outside world: | ||
25 | |||
26 | |=((( | ||
27 | TCP Port Number | ||
28 | )))|=((( | ||
29 | Purpose | ||
30 | ))) | ||
31 | |((( | ||
32 | 50000 | ||
33 | )))|((( | ||
34 | Client <-> Server Event Communication | ||
35 | ))) | ||
36 | |((( | ||
37 | 50001 | ||
38 | )))|((( | ||
39 | Command Line Interface | ||
40 | ))) | ||
41 | |((( | ||
42 | 50002 | ||
43 | )))|((( | ||
44 | Text Based Presence Status Socket | ||
45 | ))) | ||
46 | |(% colspan="1" %)(% colspan="1" %) | ||
47 | ((( | ||
48 | 50003 | ||
49 | )))|(% colspan="1" %)(% colspan="1" %) | ||
50 | ((( | ||
51 | Embedded HTTP Server To Serve Java WebStart (JNLP) Files | ||
52 | ))) | ||
53 | |||
54 | iSymphony Server TCP sockets on the above listed TCP port numbers do not have IP/Subnet based permission schema. If your iSymphony Server installation's ports 50001 to 50003 are accessible via a network connection and not firewalled, the the above ports may be subject to malicious attackers, or internal organization information may be obtained from telnet based usage of this port **(see note below)**. | ||
55 | |||
56 | {{info title="Encryption"}} | ||
57 | Port 50000 does utilize encryption for server-client authentication and message passing, so it would be incredibly unlikely for malicious attackers to utilize this port in any meaningful fashion. | ||
58 | {{/info}} | ||
59 | |||
60 | ==== Vulnerability ==== | ||
61 | |||
62 | iSymphony does not provide a mechanism implementing IP based permissions allowing for selective source-address connections to the iSymphony Command Line or Text Based Interfaces. | ||
63 | |||
64 | ==== Fix ==== | ||
65 | |||
66 | Utilize IPTables / IPChains (Linux), IPFW (BSD), 3rd Party Firewall implementation or appliance to effect firewalling based filtering prohibiting unauthorized access to TCP Ports listed above on machine hosting the iSymphony Server component. | ||
67 | {{/column}} | ||
68 | |||
69 | {{column width="300px"}} | ||
70 | |||
71 | |||
72 | ** | ||
73 | ** | ||
74 | |||
75 | {{panel title="In this advisory"}} | ||
76 | |||
77 | |||
78 | {{toc maxLevel="4" minLevel="2"/}} | ||
79 | {{/panel}} | ||
80 | |||
81 | |||
82 | |||
83 | |||
84 | |||
85 | |||
86 | {{/column}} | ||
87 | {{/section}} |