Hello,
One of our security people was doing an audit on some servers, one of
these being the Zenoss server. He found the following in clear text,
unfortunately the account needs domain admin rights to achieve the desired
results, if the server is compromised then I have a problem:
Servername:~# ps awux | grep xxxxxxx
zenoss 13376 4.0 0.0 3624 1180 ? S 08:27 0:00 /bin/sh
/usr/local/zenoss/Products/MicrosoftIIS6/libexec/check_wmic root\cimv2
"Domain\\username Password" 10.x.x.x SELECT * FROM
Win32_PerfFormattedData_W3SVC_WebService WHERE Name='_Total' 108
CurrentCGIRequests
zenoss 13424 4.0 0.0 3628 1184 ? S 08:27 0:00 /bin/sh
/usr/local/zenoss/Products/MicrosoftIIS6/libexec/check_wmic root\cimv2
"Domain\\username Password" 10.x.x.x SELECT * FROM
Win32_PerfFormattedData_W3SVC_WebService WHERE Name='_Total' 103
CurrentAnonymousUsers
-------------------- m2f --------------------
Read this topic online here:
http://community.zenoss.com/forums/viewtopic.php?p=21449#21449
-------------------- m2f --------------------
_______________________________________________
zenoss-users mailing list
[email protected]
http://lists.zenoss.org/mailman/listinfo/zenoss-users
