COMMAND

    wingate

SYSTEMS AFFECTED

    Systems running wingate v2.1

PROBLEM

    Following info is based on Rhino9 Advisory.  The problem is in the
    WinGate LogFile service being accessable to anyone by default  and
    poor programming on the part of Deerfield Communications  Company.
    If the LogFile service is not reconfigured after install then  any
    remote  user  can  access  the  WinGate  servers hard drive having
    readaccess  to  any  file  on  the  same  drive  as  the   WinGate
    installation.   WinGate  servers  that  are  running  the  LogFile
    Service, listen for  connections on TCP  Port 8010.   By opening a
    HTTP session to this port you will either get a "connection cannot
    be established" or  a listing of  directories on the  remote drive
    wingate was installed upon.

SOLUTION

    Under your  WinGate "GateKeeper"  make sure  your LogFile  Service
    Bindings  do  not  allow  connections  coming in on any interface.
    Basically as with any WinGate situation, deny access from all IP's
    except for the  trusted IPs on  your internal network  or possbile
    remote IPs that you might use  to check your system from a  remote
    location.