Bugtraq mailing list archives

Re: Webramp M3 login info


From: niek () dupaco nl (Niek Jongerius)
Date: Tue, 21 Apr 1998 17:22:48 +0200


This seems to be a new problem (if it has been reported,
I have never seen it).

The Product:

Webramp M3
from Ramp Networks, Inc

The Problem:

  I have encountered one of these routers logged into a dial-up
account. It has the setup web pages world readable via HTTP, thus
giving out all login info (including the password) for the dial-up
account. It also offers a hang-up option that may allow for DoS
attacks.

  Currently it is unknown if this is just one misconfigured router or
  a widespread problem.

A reaction from a WebRamp tech:

  To set the story straight, this was a misconfigured WebRamp and not a bug
  in our product line. By default, the M3 is world readable/configurable with
  a standard web browser right out of the box.  This is so our customers can
  set it up in minutes and connect it to their network and configure it
  without the need for any special proprietary software; we've tried to make
  this product as simple as possible for anyone to install.

  If the default admin password is not changed once the product is online
  with the ISP, then anyone can connect to its WAN IP address and
  reconfigure it.  Common sense dictates that the first thing you change,
  once it's been configured, is the default admin password.  Once changed, if
  you access the WAN IP, it prompts for a user name and password like any
  other server one would log into.

  Since the M3 family is usually configured to obtain an IP address
  dynamically and it dials out on demand (i.e. it's only connected when
  someone is using it), the only people who would know it's online are the ISP
  or those individuals who routinely sift through a full class C IP with
  their web browser.

Whether it is sensible to set the default behaviour to "world
readable" and leave it to the administrator to force it to something more
secure is questionable, to say the least; the problem is at least fixable.
The password can be set from the same web interface.

Niek.

===============================================================================
Niek Jongerius - Dupaco BV             |  Email : niek () dupaco nl
Tel: +31 33 494 88 88                 |
Fax: +31 33 495 05 20                 |
