-
February 3rd, 2002, 01:53 AM
#1
Novell Admins Must Read This!!!
Novell NetWare NDS Domain Admin Null Password Vulnerability
Novell NetWare is reportedly prone to an issue which may, under some circumstances, allow an unprivileged NDS user to access NT domain machines using a null password.
The attacker must possess a valid NDS account. The attacker must target a NDS_ADM account that is in the NDS tree and is checked as having "Domain Admin" rights over the NT domain, but must not exist in the NT domain. If these conditions are satisfied, then it is allegedly possible for the unprivileged NDS user to gain unauthorized access to machines in the NT Domain with the privileges of a Domain Admin.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|