lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <58DB1B68E62B9F448DF1A276B0886DF16E6A915D@EX2010.hammerofgod.com>
Date: Fri, 1 Oct 2010 21:57:02 +0000
From: "Thor (Hammer of God)" <thor@...merofgod.com>
To: Sabahattin Gucukoglu
	<mail-dated-1288560724.e8794a@...ahattin-gucukoglu.com>,
	"braillenote@...t.humanware.com" <braillenote@...t.humanware.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>,
	"bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>,
	"me-mates@...ahattin-gucukoglu.com" <me-mates@...ahattin-gucukoglu.com>,
	"support@...anware.com" <support@...anware.com>
Subject: Re: Warning: BrailleNote Apex Offers Read/Write
 FTP	And Telnet Access To	All Comers

⠠⠊⠋ ⠃⠁⠙ ⠛⠥⠽⠎ ⠁⠗⠑ ⠕⠝ ⠽⠕⠥⠗ ⠝⠑⠞⠺⠕⠗⠅, ⠽⠕⠥ ⠼⠚⠼⠉⠼⠊;⠗⠑ ⠎⠉⠗⠑⠺⠑⠙ ⠁⠝⠽⠺⠁⠽

t

>-----Original Message-----
>From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-
>bounces@...ts.grok.org.uk] On Behalf Of Sabahattin Gucukoglu
>Sent: Friday, October 01, 2010 2:32 PM
>To: braillenote@...t.humanware.com
>Cc: full-disclosure@...ts.grok.org.uk; bugtraq@...urityfocus.com; me-
>mates@...ahattin-gucukoglu.com; support@...anware.com
>Subject: [Full-disclosure] Warning: BrailleNote Apex Offers Read/Write FTP
>And Telnet Access To All Comers
>
>BrailleNote Apex offers telnet and FTP access on the standard ports, with
>read/write privilege on the entire file system, to all comers.  No
>authentication is required.  BrailleNote is unsafe on any network whose
>devices you are not in full charge of, and which (by NAT or firewall) does not
>protect BrailleNote from the Internet.
>
>I am happy and sad.  In a chance port scan of my entire network looking for
>interesting services and protocols that were not accounted for by visible
>configuration options in all my devices, I found this disaster staring me in the
>face on the least likely candidate of them all.  On the one hand, now I don't
>need ActiveStink in order to access my files, over the network, from my Mac.
>I want these services running, for sure (maybe just FTP) but dammit,
>authentication first!  On the other hand, there is no doubt my trust in
>HumanWare is badly dented, as I was clearly optimistic that they would, and
>did, do the right thing and secure the device firmware before shipping it.
>Anonymous FTP and telnet are obvious, easily found and effectively
>exploited.  If it isn't configurable, it shouldn't be enabled.  I am quite sure this
>was the case before now.  The most likely explanation is a build with a test
>configuration and services for development still in use on the newest model;
>the  USB vendor string is further evidence of this.  Note to self: that popular
>expression about assumptions turns out to be true.
>
>KeySoft version 9.0.2 build 756, Windows CE 6.0, with telnet and FTP services.
>
>While we await an update that either disables the services or allows the user
>to specify the authentication credentials, do not use your BrailleNote Apex on
>any untrusted network, or if you are network administrator, temporarily
>prohibit these devices from connecting to your networks.  If "Bad guys" are on
>your network, the BrailleNote Apex is, alas, easy meat.
>
>Cheers,
>Sabahattin
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ