Legato NetWorker Plaintext Log File Vulnerability

Legato NetWorker is a server package designed to help share data, media and backup processes across a heterogeneous network. The Legato NetWorker server will run on a number of Unix variants, as well as Microsoft Windows NT/2000 systems.

Extremely sensitive information is stored in plaintext in logs, such as authentication credentials (username/password) for systems that have been backed up. A local attacker able to peruse the contents of the log files may be able to use such information to gain access to other hosts on the network, possibly with elevated privileges.

This issue is further compounded by the fact that Legato NetWorker, by default, creates log files with world-readable permissions. This additional vulnerability is described in BugTraq ID 3840 "Legato NetWorker Insecure Log Permissions Vulnerability".

This vulnerability was discovered in Legato NetWorker 6.1 and has not been confirmed with other versions. However, the possibility that other versions are affected shouldn't be ruled out.
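A defender-side audit of the two conditions the advisory describes, added here as an example and not Legato's own code: it flags log files whose "other" read bit is set and log files containing credential-looking lines. The directory, file names and log lines are constructed placeholders, since the advisory gives neither NetWorker's log paths nor its log format.

```sh
#!/bin/sh
# Added audit helper (not NetWorker code). The sample directory below is a
# placeholder: the advisory does not state where NetWorker writes its logs.

# For every regular file in the given directory, report (on stderr) whether it
# is world-readable and whether it holds credential-looking lines; print the
# total number of findings on stdout.
audit_logs() {
    logdir="$1"
    count=0
    for f in "$logdir"/*; do
        [ -f "$f" ] || continue
        # -perm -o=r matches when the "other" read bit is set, i.e. any local
        # user on the host can read the file regardless of its contents
        if [ -n "$(find "$f" -perm -o=r 2>/dev/null)" ]; then
            echo "world-readable: $f" >&2
            count=$((count + 1))
        fi
        # A password/passwd/pwd key followed by ':' or '=' is the simplest
        # signature of credentials logged in plaintext
        if grep -Eiq '(password|passwd|pwd)[[:space:]]*[:=]' "$f"; then
            echo "credential-like content: $f" >&2
            count=$((count + 1))
        fi
    done
    echo "$count"
}

# Constructed sample log directory (not real NetWorker output): one file that
# is both world-readable and contains a credential, one benign owner-only file.
make_sample_logs() {
    sample=$(mktemp -d)
    printf 'backup of host1 ok\nauth user=admin password=hunter2\n' > "$sample/daemon.log"
    chmod 644 "$sample/daemon.log"
    printf 'media pool full\n' > "$sample/media.log"
    chmod 600 "$sample/media.log"
    echo "$sample"
}

main() {
    d=$(make_sample_logs)
    n=$(audit_logs "$d")
    echo "findings: $n"   # 2 for the constructed sample: both checks hit daemon.log
    rm -rf "$d"
}

main
```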

Copyright 2010, SecurityFocus