Toshiba Commerce Solutions Information for VU#924506

Toshiba 4690 OS contains an information disclosure vulnerability

Status

Affected

Vendor Statement

Vulnerability ID: VU#301788 Vulnerability #2

Vulnerability Name: Toshiba 4690 Operating System – 4690 OS System
Environmental Variables Accessible.  

Overview  

The vulnerability report stated that a string written to port 54138 "causes
system environmental variables and other information to be returned to the
attacker without authentication". This is by design and is part of the support
capabilities of 4690.  

Description

The data being returned contains information about the current state of the
4690 OS and can be used for problem determination. The information is generally
the same as that available by local 4690 APIs or from RMA, the 4690 OS system
management function. It doesn't contain sensitive (PCI) information. The fact
that a string is used is a relic of a prior design of the tool that used the
same port as the unix finger service. However at this point the string is used
simply as a handshake.

Impact

Anyone on the same network could send this byte sequence receive the same data.
The ADXSITQL can send additional commands to the machine to receive other data
as well, such as directory listings or enhanced mode log files. File transfer
of other files in either direction is not allowed. We don't consider directory
listings and other environmental information to be sensitive data. There is no
sensitive data places in these log files that can be collected via this
mechanism.

Solution

The user should disable the ADXSITCF logical name to the string -q. This will
disable the services that connect with the network to provide this information,
however it will also disable RMA system management data collection as well as
prevent the use of ADXSITQL by support teams for gathering information without
dumping the machine.  

Please submit a support request to Toshiba Global Commerce Solutions if you
have questions.

Vendor Information  
Vendor Status Date Notified Date Updated
Toshiba Global Commerce Solutions
References  


http://www.toshibacommerce.com.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.toshibacommerce.com

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.