Vulnerability

    At Ease

Affected

    At Ease 5.0 (Mac)

Description

    Tim Conrad  found following.   At Ease  5.0 will  allow a  user to
    access any user's volume on the server.  The tested  configuration
    is as follows:

        MacOS 7.6.1 (should work with anything greater than 7)
        At Ease 5.0.2
        AppleShare IP 5.0.3
        Netscape 4.0.7 (No reason it shouldn't work from .99 to 4.5)

    How to  do it?   Log in  as any  user that  has access to Netscape
    Communicator, and type in

        file://Macintosh%20HD/System%20Folder/

    and you are able  to access the disk.   Do the same thing,  except
    use

        file://At%20Ease%20Volume%20Name/At%20Ease%20%Docs/username

    and  it's  quite  easy  to  browse  through  anyones files.  It is
    possible  to  download  files  from  that users directory.  You're
    unable to actually open any of the files once they are downloaded,
    however in an educational setting, just viewing names in a certian
    directory could  constitute some  serious problems  (such as  if a
    teacher works with Special Education  studends, and has a list  of
    documents to their parents).

Solution

    Apple apparently will  not fix their  own product. There  is a 3rd
    party extention available for this at:

        http://www.ncal.verio.com/~lsr/programs/MSIENoServers.hqx