COMMAND

    Net Tools PKI server

SYSTEMS AFFECTED

    Net Tools PKI server

PROBLEM

    Jim Stickley found the following.

    ISSUE #1 There is a vulnerability in an OEM version of software
    incorporated within the Net Tools PKI Server product. An attacker
    can, under rare circumstances, gain unauthorized access to the
    computer hosting the Enrollment and/or Administrative Web servers
    of the Net Tools PKI. The vulnerability revolves around an issue
    with the XUDA template files included with the product, where
    these files do not reference absolute pathnames to other files.
    To determine whether anyone has attempted to exploit this
    vulnerability, check the enroll-access.log and the
    admin-access.log files in the WebServer/logs directory of your
    Net Tools PKI Server installation. Search for any log entries
    that include "x-templates" in the URL. Each entry can then be
    examined to see the IP address of the computer and what files were
    accessed.
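    To automate the log check described above, here is an added example
    (not part of the advisory or of NAI's product) that scans access-log
    lines for requests mentioning "x-templates" and reports the client
    IP, time, requested file and status. It assumes the logs are in NCSA
    Common Log Format and runs on constructed sample lines; the real
    enroll-access.log and admin-access.log may differ.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in NCSA Common Log Format (an assumption; the
# advisory does not document the exact layout of enroll-access.log or
# admin-access.log). Addresses, dates and paths are made up.
SAMPLE_LOG = """\
10.0.0.5 - - [12/May/1999:10:01:22 -0400] "GET /enroll/index.html HTTP/1.0" 200 1432
10.0.0.9 - - [12/May/1999:10:05:41 -0400] "GET /x-templates/enroll.xuda HTTP/1.0" 200 512
192.0.2.77 - - [12/May/1999:10:07:03 -0400] "GET /admin/X-Templates/admin.xuda HTTP/1.0" 404 210
10.0.0.5 - - [12/May/1999:10:09:15 -0400] "POST /enroll/submit HTTP/1.0" 200 88
"""

# Common Log Format: ip ident user [timestamp] "METHOD URL PROTO" status bytes
CLF_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)


def find_template_accesses(lines):
    """Return (ip, timestamp, url, status) for every parseable request
    whose URL names the x-templates directory. The URL is percent-decoded
    and lower-cased first so encoded or mixed-case variants are not missed."""
    hits = []
    for line in lines:
        m = CLF_RE.match(line)
        if not m:
            continue  # unparseable line: skip it rather than abort the scan
        if "x-templates" in unquote(m.group("url")).lower():
            hits.append((m.group("ip"), m.group("ts"),
                         m.group("url"), int(m.group("status"))))
    return hits


def summarize_by_ip(hits):
    """Group matching requests by client IP so each source can be reviewed."""
    by_ip = {}
    for ip, _ts, url, _status in hits:
        by_ip.setdefault(ip, []).append(url)
    return by_ip


if __name__ == "__main__":
    matches = find_template_accesses(SAMPLE_LOG.splitlines())
    for client_ip, urls in summarize_by_ip(matches).items():
        print(client_ip)
        for requested in urls:
            print("    ", requested)
```

    To scan the real logs, feed the file lines in place of SAMPLE_LOG:
    find_template_accesses(open("WebServer/logs/enroll-access.log")).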

    ISSUE #2 Jim has discovered a potential buffer overflow/denial of
    service vulnerability in an OEM version of software incorporated
    within the Net Tools PKI Server product. Under certain
    circumstances, sending HTTP requests with abnormally long values
    can cause the Net Tools PKI Directory Server to crash.

SOLUTION

    NAI has produced a hotfix to solve these issues and it can be
    downloaded at:

        ftp://ftp.tis.com/gauntlet/hide/pki/PKISERVER100-SP1-103-1.EXE