Also if people wouldn't mind including the build information as ISS states: Vulnerable: RealSecure for Nokia 6.0 Build 6.0.2001.141 ONLY Fix Version: RealSecure for Nokia 6.0 Build 6.0.2001.141d That way there is less confusion etc... Signed, Marc Maiffret Chief Hacking Officer eEye Digital Security T.949.349.9062 F.949.349.9538 http://eEye.com/Retina - Network Security Scanner http://eEye.com/Iris - Network Traffic Analyzer http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities | -----Original Message----- | From: hellNbak [mailto:hellnbak@nmrc.org] | Sent: Friday, March 22, 2002 2:56 PM | To: bugtraq@securityfocus.com | Cc: focus-ids@securityfocus.com | Subject: RE: NMRC Advisory: RealSecure KeyManager Issue - Further | Explanation | | | In attempt to perhaps get others who have access to Nokia Hardware to | confirm this issue, here are the steps required to replicate my finding. | | 1.) Install RealSecure IPSO using the Nokia Voyager web tool. | 2.) Install REalSecure Console to NT Box | 3.) Connect and configure Console as key manager | 4.) Install another box as the REalSecure console and name this box | Starscream and create a username skank. | 5.) Login as skank launch the console and attempt to connect to the | Nokia box. | | >From here you should be able to connect to the Nokia box as | starscream_skank is already a keymanager. | | If anyone can re-confirm what I have already tested a couple times that | would be great. | | -- | -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | | "I don't intend to offend, I offend with my intent" | | hellNbak@nmrc.org | http://www.nmrc.org/~hellnbak | | -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | |
