J-Security Center

Title: SWIMAGE Encore Master Password Information Disclosure Vulnerability

Severity: MODERATE

Description:

SWIMAGE Encore is an application for automating server, remote desktop, and client deployments. The application consists of a server and a client program, 'Conductor.exe'.

The application is prone to an information-disclosure vulnerability because it fails to securely remove authentication credentials from memory. The server sends '.bin' files to remote client computers. The server also sends the 'Conductor.exe' program, which is used to access the data in the '.bin' files. 'Conductor.exe' contains a hard-coded master password in plain-text form. Following a successful deployment, the server removes the '.bin' files and 'Conductor.exe' from the remote computers, but fails to sanitize client memory, which still contains the master password.

Attackers can exploit this issue to gain authentication credentials for vulnerable applications. Information harvested may aid in launching further attacks.
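The memory-sanitization failure described above has a standard mitigation on the code side: keep the credential in one fixed buffer and overwrite it as soon as it is no longer needed. The following C sketch is an added example, not SWIMAGE code or vendor code; the `credential` type, the function names and the sample secret are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Wipe through a volatile pointer so the compiler cannot discard the stores
   as dead writes, which it may do with a plain memset() before free/return. */
static void secure_wipe(void *buf, size_t len) {
    volatile unsigned char *p = (volatile unsigned char *)buf;
    while (len--) *p++ = 0;
}

/* Hypothetical holder: one fixed buffer, so no stray heap copies are made. */
typedef struct { char secret[64]; size_t len; } credential;

/* Copy the secret in; returns 0 on success, -1 if it does not fit. */
int credential_load(credential *c, const char *src) {
    size_t n = strlen(src);
    if (n >= sizeof c->secret) return -1;
    secure_wipe(c, sizeof *c);
    memcpy(c->secret, src, n);
    c->len = n;
    return 0;
}

/* Stand-in for the real use of the secret; does not stop at first mismatch. */
int credential_matches(const credential *c, const char *candidate) {
    size_t n = strlen(candidate);
    unsigned char diff = (unsigned char)(n != c->len);
    for (size_t i = 0; i < c->len && i < n; i++)
        diff |= (unsigned char)(c->secret[i] ^ candidate[i]);
    return diff == 0;
}

/* Call on every exit path once the secret is no longer needed. */
void credential_destroy(credential *c) { secure_wipe(c, sizeof *c); }

/* Number of nonzero bytes left in the holder (0 after destroy). */
size_t credential_residue(const credential *c) {
    const unsigned char *p = (const unsigned char *)c;
    size_t n = 0;
    for (size_t i = 0; i < sizeof *c; i++) n += (p[i] != 0);
    return n;
}

int main(void) {
    credential c;
    if (credential_load(&c, "constructed-sample-secret") != 0) return 1;
    printf("match=%d\n", credential_matches(&c, "constructed-sample-secret"));
    credential_destroy(&c);
    printf("residue=%zu\n", credential_residue(&c));
    return 0;
}
```

Wiping only addresses the copy left in process memory; a password compiled into the executable in plain text remains readable from the file itself for as long as the file exists.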

Affected Products:

  • Intrinsic Technologies SWIMAGE Encore

References: