lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <AF026AF0FF4B054590228FD1F1DE516502029098@inbox.agresearch.co.nz>
Date: Fri, 20 Feb 2004 10:27:31 +1300
From: "Miskell, Craig" <Craig.Miskell@...esearch.co.nz>
To: <bugtraq@...urityfocus.com>
Subject: RE: APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled.


The device appears to need a "restart for this change to take effect"
(to quote a phrase from another OS).  We have a 9604 (which,
incidentally, appears to have the same default password, although the
details once logged in are different), and telnet wasn't disabled until
I had logged in via telnet and logged out again.  The device warmstarted
when I logged out, and telnet was subsequently truly disabled.

HTH,

Craig Miskell

> -----Original Message-----
> From: David Monosov [mailto:david.monosov@...ureinquestion.net] 
> Sent: Friday, 20 February 2004 4:14 a.m.
> To: bugtraq@...urityfocus.com
> Subject: APC 9606 SmartSlot Web/SNMP management card 
> "backdoor" - Telnet can't be disabled.
> 
> 
> To your attention: This comes from limited experience with 
> one version of
> the 9606 firmware (v3.0.3) on MasterSwitch 9xxx series, 
> tested across many
> of the devices:
> 
> Although provided an option to disable telnet 
> administratively via the Web
> interface as well as the Telnet interface itself - telnet does *NOT*
> actually gets disabled. 
> 
> It disables itself for a matter of approx +/- 20 seconds, and 
> comes back as
> if nothing ever happened. Repeating attempts to disable 
> telnet access are
> futile. The only effective method of preventing possible 
> exploitation seems
> to be filtering port 23 on the network level. This seems to be another
> firmware issue.
> 
> Please check your APC's using 9606, your sense of security 
> from disabling
> telnet might be false :(
> 
> ---
> David 'wEEkAY' Monosov
> david dot monosov at futureinquestion dot net
> 
> 
> 
> 
> 
> 
> 
=======================================================================
Attention: The information contained in this message and/or attachments
from AgResearch Limited is intended only for the persons or entities
to which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of, or
taking of any action in reliance upon, this information by persons or
entities other than the intended recipients is prohibited by AgResearch
Limited. If you have received this message in error, please notify the
sender immediately.
=======================================================================


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ