Bugtraq mailing list archives
Re: Foundry DoS at login prompt
From: //Stany <stany () NOTBSD ORG>
Date: Sun, 12 Nov 2000 16:36:19 -0500
On Sat, 11 Nov 2000 lists () DIE NET wrote:
> In the release notes for Foundry code v07.1.09, I noticed the statement: If you entered a very long string when prompted for a Telnet password, then pressed Enter before the software timed out the access attempt, the device reset. This functions exactly as it describes on FastIrons, BigIrons, and ServerIrons I have access to running various versions of firmware. If you can get to a login prompt, you can reload the device.
At the moment the only Foundry device we have in production is , which is a NetIron.

telnet@netiron.magma.ottawa#sh ver
  SW: Version 06.5.10T13 Copyright (c) 1996-1999 Foundry Networks, Inc.
      Compiled on Jan 8 2000 at 02:24:28 labeled as N8R06510
  HW: NetIron Gigabit Switching Router, serial number 04b024
      200 MHz Power PC processor 603 (revision 7) with 32756K bytes of DRAM
      16 100BaseT interfaces with Level 1 Transceiver LXT975

In other words we are rather behind. I have spent the last half an hour feeding thousands and thousands of As to the "Please Enter Password:" prompt, but got nowhere. I am attaching the script I used for checking. I tried up to 66000 instances of "A" sent down the line. Perhaps I am doing something wrong (more than likely my script is buggy), so please, if someone has more details, especially details that would convince my management that NetIrons are vulnerable and that we really should renew a support contract with Foundry Networks, please holler.
> This does not appear to affect ssh logins, which recent versions of the Foundry firmware support. If you have any Foundry gear with externally visible IPs, make sure you disable telnet or upgrade your firmware to the latest. This is particularly true if you use their load-balancer product, the ServerIron, which also supposedly functions to keep your site highly available.
When I actually make it to work on Monday, I'll be sure to check with a ServerIron and a FastIron Workgroup that are sitting on my desk.
> -- Aaron
Signed: //Stany
--
+-------+ Stanislav N Vardomskiy - Procurator Odiosus Ex Infernis[TM] +-------+
| "Backups we have; it's restores that we find tricky." Richard Letts at ASR |
| This message is powered by JOLT! For all the sugar and twice the caffeine. |
+--------+ My words are my own. LARTs are provided free of charge. +---------+
Attachment: crashfoundry.exp