NOVELL TECHNICAL INFORMATION DOCUMENT TITLE: Security Enhancement LOGIN.EXE 4.02 DOCUMENT ID: TID013339 DOCUMENT REVISION: A DATE: 02SEP93 ALERT STATUS: Yellow INFORMATION TYPE: Symptom Solution README FOR: SECLOG.EXE NOVELL PRODUCT and VERSION: NetWare 4.01 ABSTRACT: LOGIN.EXE v4.02 eliminates a small window of exposure under NetWare 4.x where a user's name and password may be temporarily swapped to disk when running in a DOS environment with less than 640KB of EMS or XMS memory, or if the login script uses a SWAP command to swap to disk instead of to memory. (If you are not using the external command (#), you don't need to install this update.) ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ DISCLAIMER THE ORIGIN OF THIS INFORMATION MAY BE INTERNAL OR EXTERNAL TO NOVELL. NOVELL MAKES EVERY EFFORT WITHIN ITS MEANS TO VERIFY THIS INFORMATION. HOWEVER, THE INFORMATION PROVIDED IN THIS DOCUMENT IS FOR YOUR INFORMATION ONLY. NOVELL MAKES NO EXPLICIT OR IMPLIED CLAIMS TO THE VALIDITY OF THIS INFORMATION. ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ SYMPTOM A small window of exposure exists where a user's name and password may be temporarily swapped to disk when running in a DOS environment with a small memory configuration. The NetWare 2.x and NetWare 3.x LOGIN utilities are not affected and require no enhancement. CAUSE In NetWare 2.x and 3.x, LOGIN.EXE keeps a version of the user ID and password in protected domain memory so that attachment to other servers does not require the user to reenter the same information. After the login process is complete, the memory is cleared. This process poses no security threat in NetWare 2.x or 3.x. In NetWare 4.x, the login process contains more steps. The LOGIN.EXE is larger because the added security features, such as NDS and authentication, have expanded the file size. During the current NetWare 4.x login and authentication process, portions of LOGIN.EXE may be temporarily swapped to extended or expanded memory or to disk in DOS environments with less than 640KB EMS or 640KB XMS memory configurations. If login is temporarily swapped to disk, it is placed in the current directory of the default disk, whether local or on the network. A security threat occurs if a portion of the login executable containing the user ID and password information is temporarily swapped to disk. After login completes, a user may be able to salvage or undelete the temporary swap file, gaining access to read the user ID and password information of the logged-in network user. SOLUTION Novell recommends that security conscious users implement the new LOGIN.EXE v4.02 for NetWare 4.0 or 4.01 environments. Solution Specifics: Note: The new version of LOGIN.EXE will be incorporated in future versions of NetWare 4.x. Self-Extracting File Name: SECLOG.EXE Revision: A Files Included Size Date Time SECLOG.TXT (This file) LOGIN.EXE 354859 08-25-93 11:43a Installation Instructions: 1. Flag LOGIN.EXE in your PUBLIC and LOGIN directories to Shareable and Read/write. For example, at the LOGIN directory, type: FLAG LOGIN.EXE SRw 2. Copy LOGIN.EXE from your PUBLIC and LOGIN directories to a diskette for backup purposes. 3. Copy this version (4.02) of LOGIN.EXE to your PUBLIC and LOGIN directories. 4. Flag the newly installed LOGIN.EXE in your PUBLIC and LOGIN directories to Shareable and Read only. For examle, at the PUBLIC directory, type: FLAG LOGIN.EXE SRo After installing LOGIN.EXE 4.02, you should require all users to change their passwords. If this security enhancement is installed on a NetWare 4.0 server after completing the upgrade to NetWare 4.01, verify that the LOGIN.EXE is v4.02. If the LOGIN.EXE is not v4.02, reinstall this enhancement. Use the NDIR.EXE utility with the /ver option to verify the version information. For example, at the PUBLIC directory, type: NDIR LOGIN /ver ÿ