Bugtraq mailing list archives
Bay Networks Security Hole
From: marty () SLACK NET (Marty Rigaletto)
Date: Sun, 10 May 1998 00:58:37 -0400
vendor: bay networks product: bay access node/wellfleet routers Ok, in this day and age it is becomming increasingly difficult for the low-level, system cracker, bottom feeders who frequent the net to gain access to larger corporate and government sites due to firewall implementation, so I'm posting this to help the administrators stay one step ahead. The problem with the bay boxes is that by default the two system accounts on the machine are not passworded. Now, usually the "Manager" account on the machine is passworded by the administrator, however, the "User" account is often left untouched. While the "User" account has restricted access, it can be a huge security hole, especially when these machines are used for the purposes of IP filtering (a firewall). Because the bay machines have snmp configuration capabilities, anyone knowing the snmp string for the machine or snmp community could edit routing tables and IP filtering rules with any snmp management software or the bay networks software they put out for solaris and just recently NT. All a proposed attacker would have to do is telnet to the router, login as "User", and issue a single command, "sho snmp community". Then adjust his or her snmp software to use that string and IP address, and b00m, sucks to be you. recommended fix: uhh..password "User" - Marty Rigaletto "On the bulletin boards nobody knew if you attended a special school." - d. freedman (from "At Large", in regards to Phantomd)
Current thread:
- Re: 3Com switches - undocumented access level., (continued)
- Re: 3Com switches - undocumented access level. Toh Chang Ying (May 08)
- Re: 3Com switches - undocumented access level. Aleph One (May 08)
- Re: 3Com switches - undocumented access level.) Riku Meskanen (May 09)
- Re: 3Com switches - undocumented access level.) Riku Meskanen (May 09)
- Re: 3Com switches - undocumented access level.) Joao Carlos Mendes Luis (May 10)
- Re: 3Com switches - undocumented access level.) Riku Meskanen (May 09)
- Re: 3Com switches - undocumented access level. der Mouse (May 08)
- Re: 3Com switches - undocumented access level. Sasha Egan (May 08)
- Re: 3Com switches - undocumented access level. Sasha Egan (May 08)
- Re: 3Com switches - undocumented access level. Michael Mittelstadt (May 10)
- Re: 3Com switches - undocumented access level. NetSurfer (May 11)
- Bay Networks Security Hole Marty Rigaletto (May 09)
- coke.c snupe (May 09)
- MICO: security problem: Privileges of micod for everybody! Dominique Unruh (May 10)
- Re: MICO: security problem: Privileges of micod for everybody! Miguel de Icaza (May 10)
- Re: Bay Networks Security Hole Jason Ackley (May 10)