COMMAND

    NetOp

SYSTEMS AFFECTED

    Danware Data NetOp 6.0, 6.5

PROBLEM

    NetOp is  a remote  control utility,  offering console  access via
    network or serial connections.   On NT and Windows 2000  machines,
    the software runs in the SYSTEM context by default.

    The software includes the ability to perform direct file transfers
    to and from  the host machine.   No authentication is  required to
    perform  this   activity,  meaning   that  any   user  with    the
    freely-downloadable client and access  to NetBIOS sessions on  the
    target can  perform read/write/create  operations on  any file  on
    the system, including password and configuration data.

    Version  6.50  (2000094)  (trialware)   is  still  vulnerable   by
    default, although it does give  the option to configure it  to use
    either NetOp security or Windows  security, in which case you  can
    customize which users have access to which functions.

    This was discovered  by axess and  publicized in a  buffer0verfl0w
    security advisory (b0f-SA2000-002).

SOLUTION

    Enable the 'Windows security' option (it is not selected by default,
    so the installation stays open until it is).  With that option the
    relevant NTFS ACLs are applied in addition to whatever settings are
    specified in NetOp, so file transfer is limited to what the
    connecting user's Windows account may already read or write.