Bugtraq mailing list archives
Re: 3Com switches - undocumented access level.
From: mouse () RODENTS MONTREAL QC CA (der Mouse)
Date: Fri, 8 May 1998 13:18:24 -0400
From: [presumably someone at 3Com -dM] Sent: Friday, May 08, 1998 3:32 PM Subject: Re: FW: 3Com switches - undocumented access level.
[L]et me assure you that the undocumented access level for the LANplex/Corebuilder products are purely for support reasons then anything else. We have many cases where customers will forget their passwords or userids and find themselves in a spot as they could not get in to the console. This is the only way we can help them to recover from this situation without losing their entire configuration. [...]
Excuse me for being blunt, but: poppycock. Pure spin-doctoring. I can think of at least two other ways right off the top of my head. One would be to give the switches in question a physical setting (a back-panel switch, a jumper on the pc board, whatever) that overrides the password somehow - for example, causes any password to be accepted. (Of course, one would not normally run with the hardware set this way.) Another would be to keep the password information in a separate NVRAM from the rest of the configuration, so that either can be reset without having to touch the other. Either of these would be an appropriate disaster-recovery mechanism. A "secret" backdoor access mechanism is not. To anyone receiving this message: you are welcome to forward it to anyone you please. der Mouse mouse () rodents montreal qc ca 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
Current thread:
- Re: 3Com switches - undocumented access level., (continued)
- Re: 3Com switches - undocumented access level. Sasha Egan (May 08)
- NSCA HTTPD (for Windows) bug. Renos (May 08)
- 4 Advisories for Digital Unix: ftp, advs, rpc.statd, ftpd Helmut Springer (May 08)
- xterm exploit [TOG issue] Andrea Arcangeli (May 08)
- BSDI 3.1/Squid Default Owner Jonathan A. Zdziarski (May 07)
- Re: 3Com switches - undocumented access level. Toh Chang Ying (May 08)
- Re: 3Com switches - undocumented access level. Aleph One (May 08)
- Re: 3Com switches - undocumented access level.) Riku Meskanen (May 09)
- Re: 3Com switches - undocumented access level.) Riku Meskanen (May 09)
- Re: 3Com switches - undocumented access level.) Joao Carlos Mendes Luis (May 10)
- Re: 3Com switches - undocumented access level.) Riku Meskanen (May 09)
- Re: 3Com switches - undocumented access level. der Mouse (May 08)
- Re: 3Com switches - undocumented access level. Sasha Egan (May 08)
- Re: 3Com switches - undocumented access level. Sasha Egan (May 08)
- Re: 3Com switches - undocumented access level. Michael Mittelstadt (May 10)
- Re: 3Com switches - undocumented access level. NetSurfer (May 11)
- Bay Networks Security Hole Marty Rigaletto (May 09)
- coke.c snupe (May 09)
- MICO: security problem: Privileges of micod for everybody! Dominique Unruh (May 10)
- Re: MICO: security problem: Privileges of micod for everybody! Miguel de Icaza (May 10)
- Re: Bay Networks Security Hole Jason Ackley (May 10)