Bugtraq mailing list archives
Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled.
From: Keith Clifton <clifton () zoomnet net>
Date: Thu, 19 Feb 2004 16:32:17 -0500 (EST)
I've noticed this for FTP as well. The new firmware for the AP9211s seem to fix this issue. -- Keith On Thu, 19 Feb 2004, David Monosov wrote:
To your attention: This comes from limited experience with one version of the 9606 firmware (v3.0.3) on MasterSwitch 9xxx series, tested across many of the devices: Although provided an option to disable telnet administratively via the Web interface as well as the Telnet interface itself - telnet does *NOT* actually gets disabled. It disables itself for a matter of approx +/- 20 seconds, and comes back as if nothing ever happened. Repeating attempts to disable telnet access are futile. The only effective method of preventing possible exploitation seems to be filtering port 23 on the network level. This seems to be another firmware issue. Please check your APC's using 9606, your sense of security from disabling telnet might be false :( --- David 'wEEkAY' Monosov david dot monosov at futureinquestion dot net
Current thread:
- APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled. David Monosov (Feb 19)
- Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled. Keith Clifton (Feb 19)
- <Possible follow-ups>
- RE: APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled. Miskell, Craig (Feb 19)