
Eaglesoft 21 Authentication Problem (FULL DISCLOSURE)


Primer:

When Eaglesoft is installed without internet access, the database has a default username and password. It is the same for everyone, until the office gets internet access.

What happens then is that a service running on the server goes out on the internet and talks to a Patterson server hosted on Amazon, gives it the office license, and the server then spits back the database credentials that the office will use from that point on. This might also be exploitable, but it is a protected computer I think; not sure, I haven't looked, but I would guess you also need a certificate to talk to it.

Client

Run Eaglesoft; Eaglesoft fetches a list of employees/users so the login screen is populated, but at this moment I am a bit confused on whether this comes from the database or from the Patterson Application Service. I believe that after correctly logging in, the client then gets the database credentials from the Patterson Application Service, but this is based on client validation. One can just ask the Patterson Application Service running on the office server for the database credentials, and as long as you have the certificate, it will give them to you.

The certificate is all you really need...
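The design described above, a local service that hands out the long-lived database credentials to any caller holding the shared certificate and leaves user validation to the client, is modelled below as a small added example. This is illustration code written for this page, not Eaglesoft or Patterson code; every name, secret and user in it is a constructed assumption. The weak broker shows the credential-vending pattern the post describes; the hardened broker shows the fix a defender would want: the service verifies the user's password itself (server-side), issues a short-lived per-user token, and never returns the database credentials at all.

```python
"""Toy credential broker: weak (cert-only) vs. hardened (server-side auth).

Added example for this page; not Eaglesoft/Patterson code. All names,
secrets and users below are constructed assumptions.
"""
import hashlib
import hmac
import os
import secrets
import time
from typing import Optional

# Constructed sample values; a real deployment would load these from a vault.
SHARED_CERT_FINGERPRINT = "sha256:constructed-shared-client-cert"
DB_CREDENTIALS = {"user": "db_app", "password": "constructed-db-password"}


def _pbkdf2(password: str, salt: bytes) -> bytes:
    """Slow salted hash for stored passwords (constructed parameters)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed server-side user store: username -> salted PBKDF2 hash.
_SALT = os.urandom(16)
USERS = {"drsmith": _pbkdf2("constructed-user-password", _SALT)}


def weak_get_db_credentials(client_cert_fingerprint: str) -> Optional[dict]:
    """Weak pattern from the post: the only check is possession of the
    shared certificate, so the caller receives the long-lived DB password.
    Who the user is, or whether they logged in, is never verified here."""
    if hmac.compare_digest(client_cert_fingerprint, SHARED_CERT_FINGERPRINT):
        return dict(DB_CREDENTIALS)
    return None


class HardenedBroker:
    """Hardened pattern: the broker authenticates the user itself and vends
    short-lived, per-user tokens. DB_CREDENTIALS stay inside the broker."""

    def __init__(self, token_ttl_seconds: int = 300):
        self._tokens: dict[str, tuple[str, float]] = {}
        self._ttl = token_ttl_seconds

    def login(self, client_cert_fingerprint: str, username: str,
              password: str, now: Optional[float] = None) -> Optional[str]:
        now = time.time() if now is None else now
        # The shared certificate still gates access, but it is no longer enough.
        if not hmac.compare_digest(client_cert_fingerprint, SHARED_CERT_FINGERPRINT):
            return None
        stored = USERS.get(username)
        if stored is None:
            _pbkdf2(password, _SALT)  # equalise timing for unknown usernames
            return None
        if not hmac.compare_digest(_pbkdf2(password, _SALT), stored):
            return None
        token = secrets.token_urlsafe(32)
        self._tokens[token] = (username, now + self._ttl)
        return token

    def whoami(self, token: str, now: Optional[float] = None) -> Optional[str]:
        """Resolve a token to its user, or None if unknown or expired.
        A real broker would open the DB connection here, on the user's
        behalf, using DB_CREDENTIALS that the client never sees."""
        now = time.time() if now is None else now
        entry = self._tokens.get(token)
        if entry is None or now > entry[1]:
            self._tokens.pop(token, None)
            return None
        return entry[0]


if __name__ == "__main__":
    # Weak: the certificate alone yields the database password.
    print("weak:", weak_get_db_credentials(SHARED_CERT_FINGERPRINT))
    # Hardened: the certificate alone yields nothing; a user must authenticate.
    broker = HardenedBroker(token_ttl_seconds=300)
    print("no password:", broker.login(SHARED_CERT_FINGERPRINT, "drsmith", "", now=0.0))
    tok = broker.login(SHARED_CERT_FINGERPRINT, "drsmith", "constructed-user-password", now=0.0)
    print("token user:", broker.whoami(tok, now=100.0))
    print("after expiry:", broker.whoami(tok, now=1000.0))
```

The `now` parameter exists only so the expiry behaviour can be exercised deterministically; in production the broker would read the clock itself. The point of the hardened variant is that the client-side login screen is no longer the trust boundary: even a caller who has the certificate gets nothing without a valid user password, and what they get is a token the broker can expire or revoke, not the database password.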


Bennett.Prows@hhs.gov



CERT Coordination Center cert@cert.org

to me, cert
Greetings--

We will be closing this case on our end due to unresponsiveness from the
vendor.  We encourage you to request CVE ID(s) for your research in this
case by visiting https://cveform.mitre.org/.  Additionally, we encourage
you to publish your research if you desire to do so; we have exhausted
the avenues available for coordinated disclosure with the vendor's
participation.

Thank you for your report, and please feel free to reply with any
questions you may have.


~Eric Hatleback

Vulnerability Analysis Team
======================================================================
CERT Coordination Center
kb.cert.org / cert@cert.org
======================================================================


On 3/25/2020 7:21 AM, Justin Shafer wrote:
> Also I found this:
> corporate.communications@pattersoncompanies.com
>
> which is probably more current than the Jennifer Joly one.
>
> On Wed, Mar 25, 2020 at 6:20 AM Justin Shafer <justinshafer@gmail.com>
> wrote:
>
>> I found this on the internet in an Eaglesoft press release:
>>
>> Corporate Communications Manager
>> jennifer.joly@pattersoncompanies.com
>>
>> On Mon, Mar 23, 2020 at 3:46 PM CERT Coordination Center <cert@cert.org>
>> wrote:
>>
>>> Greetings--
>>>
>>> We still have no response from the vendor on our end.  Do you perhaps
>>> have alternate contact addresses that we could try?  Thus far, we have
>>> been attempting to reach Eaglesoft via ptc.support@pattersondental.com.
>>>
>>> Thanks for any alternative addresses you might be able to suggest.
>>>
>>>
>>> ~Eric Hatleback
>>>
>>> Vulnerability Analysis Team
>>> ======================================================================
>>> CERT Coordination Center
>>> kb.cert.org / cert@cert.org
>>> ======================================================================
>>>
>>>
>>> On 3/11/2020 8:20 AM, Justin Shafer wrote:
>>>> Anything new? Reading the SMBv3 compression VU... wow. Another way to
>>>> defeat BitLocker if someone stole the office server and just relied on
>>>> TPM.
>>>>
>>>>
>>>>
>>>> On Tue, Feb 18, 2020 at 12:45 PM CERT Coordination Center <cert@cert.org>
>>>> wrote:
>>>>
>>>>> Hello--
>>>>>
>>>>> We have made two attempts to contact the vendor, but thus far we have
>>>>> received no response.
>>>>>
>>>>>
>>>>> Vulnerability Analysis Team
>>>>> ======================================================================
>>>>> CERT Coordination Center
>>>>> kb.cert.org / cert@cert.org
>>>>> ======================================================================
>>>>>
>>>>>
>>>>> On 2/14/2020 9:27 PM, Justin Shafer wrote:
>>>>>> How's it going?
>>>>>>
>>>>>> On Mon, Jan 6, 2020 at 9:42 AM CERT Coordination Center <cert@cert.org>
>>>>>> wrote:
>>>>>>
>>>>>>> Greetings,
>>>>>>>
>>>>>>> We have received your report and are tracking it as VU#664029. Please
>>>>>>> retain the VU# in the subject of any email you send to us about this
>>>>>>> issue.
>>>>>>>
>>>>>>> Additionally, we received your 12-17-19 email, which seemed to
>>>>>>> indicate that the vulnerability has now been made public.  Could you
>>>>>>> please clarify this situation for us?
>>>>>>>
>>>>>>> Thank you,
>>>>>>>
>>>>>>>
>>>>>>> ~Eric Hatleback
>>>>>>>
>>>>>>> Vulnerability Analysis Team
>>>>>>> ======================================================================
>>>>>>> CERT Coordination Center
>>>>>>> kb.cert.org / cert@cert.org
>>>>>>> ======================================================================
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>>
>>
>> --
>> Justin Shafer
>> Onsite Dental Systems
>> 7704 Sagebrush Ct. S.
>> North Richland Hills, TX. 76182
>> (817) 909-4222

I even helped HHS after all this, but they have always ignored me.


