Bugtraq mailing list archives
Problem with ascend pipeline routers.
From: eric () CAFFREY NET (Eric Thacker)
Date: Wed, 27 May 1998 00:57:44 -0500
Messing around with a pipeline 75 I noticed that I could keep open the password prompt past the normal time limit by sending one character every second. This resets the timer to 0 and keeps the telnet session to the router from being closed. I opened up a second telnet to the router and did this again. Ascend pipeline routers only allow 2 telnet sessions, at this point any future attempts get rejected. I was able to keep these connections for hours by sending data to both password prompts which would keep anyone from configuring this router. I wrote ascend explaining what I had done and asking them to consider putting a time limit on the amount of time it takes to enter a password. This is the response I got back... -Start- Date: Tue, 26 May 1998 14:19:30 -0700 From: support <support () ascend com> To: eric () caffrey net Subject: RE: Ticket #238563 Eric: The pipeline has no way of telling what is a legit telnet and what is not and because the box is meant to be accessed this way (both locally and remotely), a firewall is the best way to restrict telnet access. -- Ascend Communications, Inc Service & Support support () ascend com http://www.ascend.com/service -Cut- I really like ascend, but this is a lame way of not having to put a 45 second limit on typing in a password when connecting to a router via telnet. What can this do?? Someone can effictivly keep a pipeline router from being configured by opening 2 telnet sessions to the router and sending data every second. The only way to stop this is to reboot the router and telnet in before another telnet session is opened by the attacker. Ways to fix the problem: 1. Filter all incoming telnet traffic to the router from the internet 2. Turn off telnet access and use the console port 3. Don't configure your router Eric Thacker System Administrator Caffrey/Digilink Networks eric () caffrey net
Current thread:
- about sendmail 8.8.8 HELO hole Valentin Pavlov (May 22)
- about sendmail 8.8.8 HELO hole Gregory Neil Shapiro (May 26)
- Re: about sendmail 8.8.8 HELO hole Zach White (May 26)
- Problem with ascend pipeline routers. Eric Thacker (May 26)
- Re: Problem with ascend pipeline routers. Joe Shaw (May 28)
- Ascend Pipeline DoS Jeff Wheeler (May 29)
- MS Exchange vulnerable. (was: about sendmail 8.8.8 HELO hole) Yuri Krichevsky (May 27)