security hole in swais, FYI

Steve Goldstein--Ph +1-202-357-9717 sgoldste at
Tue Sep 1 11:20:58 UTC 1992

George and Brewster,

Please take note of this and act accordingly.

(Thanks for the heads-up, Scott!  I took the liberty of alerting the CERT with
a cc:  The community of serving organizations should be notified and the fix
provided, when proven.  If I'm behind the power curve, and if you have already
done this, please excuse my misplaced zeal.)


Steve G.
------- Forwarded Message

From: scottw at (Scott Williamson)
Message-Id: <9208312050.AA22641 at>
Subject: Re: WAIS on DDN
To: sgoldste at (Steve Goldstein--Ph +1-202-357-9717)
Date: Mon, 31 Aug 92 16:50:13 EDT
In-Reply-To: <9208282127.AA06081 at>; from "Steve Goldstein--Ph +1-202-357-9717" at Aug 28, 92 5:27 pm
X-Mailer: ELM [version 2.3 PL2]


   We have the login wais disabled.  There is a security whole in the swais 
interface that you can drive a truck through.  We are working on a fix 
so that we reactivate this feature.  Mark Kosters has informed RIPE of the
problem with  an explanation of how one could get in.  He also suggested 
the fix.


>   >SG>   And, folks, what you really want to see is NIC databases accessible
>   >SG>   with WAIS, so's you don't have to use their search fields,
>   >SG>but can
>   >SG>   use any search string (e.g., telephone number, city, etc.)
>   >SG>   has just brought up a WAIS server, and RIPE NCC has had one
>   >SG>up for a while
>   >SG>   (  These are REALLY neat, as in "who does networking
>   >SG>in
>   >SG>   Dresden?"  --SG
>   >
>   >I've managed to telnet to (
>   >but don't know the login/password. Can you advise?
>   >
> Sorry.  I did it with a WAIS client.  I just tried logging in a telnet
> session with user=wais, password=<all_sorts_of_things_including_profanity>,
> but nothing worked.  Ought not be passworded!  
> Scott?
> --SG
>   >Ripe works fine.
>   >
>   >Regards,
>   >Peter Scott

------- End of Forwarded Message

More information about the NANOG mailing list