A remote management tool used in some enterprises can be exploited by attackers to remotely connect to a host without needing any passwords, according to a Trustwave researcher.
Many organizations use the NetSupport software to remotely manage and connect to PCs and servers from a central location. These systems are normally set up with either domain or local credentials, and shouldn't be accessible without the person logging in. However, if the system has NetSupport installed for remote desktop support, it most likely has the default configuration, which allows remote users to connect automatically without authentication, David Kirkpatrick, a principal consultant at Trustwave, wrote in a blog post. The software also leaks detailed information about the device, such as the hostname, version number, and username.