| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 Oct 2010 21:57:02 +0000 From: "Thor (Hammer of God)" <thor@...merofgod.com> To: Sabahattin Gucukoglu <mail-dated-1288560724.e8794a@...ahattin-gucukoglu.com>, "braillenote@...t.humanware.com" <braillenote@...t.humanware.com> Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>, "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>, "me-mates@...ahattin-gucukoglu.com" <me-mates@...ahattin-gucukoglu.com>, "support@...anware.com" <support@...anware.com> Subject: Re: Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers ⠠⠊⠋ ⠃⠁⠙ ⠛⠥⠽⠎ ⠁⠗⠑ ⠕⠝ ⠽⠕⠥⠗ ⠝⠑⠞⠺⠕⠗⠅, ⠽⠕⠥ ⠼⠚⠼⠉⠼⠊;⠗⠑ ⠎⠉⠗⠑⠺⠑⠙ ⠁⠝⠽⠺⠁⠽ t >-----Original Message----- >From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure- >bounces@...ts.grok.org.uk] On Behalf Of Sabahattin Gucukoglu >Sent: Friday, October 01, 2010 2:32 PM >To: braillenote@...t.humanware.com >Cc: full-disclosure@...ts.grok.org.uk; bugtraq@...urityfocus.com; me- >mates@...ahattin-gucukoglu.com; support@...anware.com >Subject: [Full-disclosure] Warning: BrailleNote Apex Offers Read/Write FTP >And Telnet Access To All Comers > >BrailleNote Apex offers telnet and FTP access on the standard ports, with >read/write privilege on the entire file system, to all comers. No >authentication is required. BrailleNote is unsafe on any network whose >devices you are not in full charge of, and which (by NAT or firewall) does not >protect BrailleNote from the Internet. > >I am happy and sad. In a chance port scan of my entire network looking for >interesting services and protocols that were not accounted for by visible >configuration options in all my devices, I found this disaster staring me in the >face on the least likely candidate of them all. On the one hand, now I don't >need ActiveStink in order to access my files, over the network, from my Mac. >I want these services running, for sure (maybe just FTP) but dammit, >authentication first! On the other hand, there is no doubt my trust in >HumanWare is badly dented, as I was clearly optimistic that they would, and >did, do the right thing and secure the device firmware before shipping it. >Anonymous FTP and telnet are obvious, easily found and effectively >exploited. If it isn't configurable, it shouldn't be enabled. I am quite sure this >was the case before now. The most likely explanation is a build with a test >configuration and services for development still in use on the newest model; >the USB vendor string is further evidence of this. Note to self: that popular >expression about assumptions turns out to be true. > >KeySoft version 9.0.2 build 756, Windows CE 6.0, with telnet and FTP services. > >While we await an update that either disables the services or allows the user >to specify the authentication credentials, do not use your BrailleNote Apex on >any untrusted network, or if you are network administrator, temporarily >prohibit these devices from connecting to your networks. If "Bad guys" are on >your network, the BrailleNote Apex is, alas, easy meat. > >Cheers, >Sabahattin > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists