Bugtraq mailing list archives

Re: APC 9606 SmartSlot Web/SNMP management card "backdoor" - Telnet can't be disabled.


From: Keith Clifton <clifton () zoomnet net>
Date: Thu, 19 Feb 2004 16:32:17 -0500 (EST)

I've noticed this for FTP as well.

The new firmware for the AP9211s seems to fix this issue.

-- Keith

On Thu, 19 Feb 2004, David Monosov wrote:

To your attention: This comes from limited experience with one version of
the 9606 firmware (v3.0.3) on MasterSwitch 9xxx series, tested across many
of the devices:

Although provided an option to disable telnet administratively via the Web
interface as well as the Telnet interface itself - telnet does *NOT*
actually get disabled.

It disables itself for a matter of approx +/- 20 seconds, and comes back as
if nothing ever happened. Repeated attempts to disable telnet access are
futile. The only effective method of preventing possible exploitation seems
to be filtering port 23 on the network level. This seems to be another
firmware issue.

Please check your APCs using 9606, your sense of security from disabling
telnet might be false :(

---
David 'wEEkAY' Monosov
david dot monosov at futureinquestion dot net
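
A single probe taken right after changing the setting would miss the behaviour reported above, where the service comes back after roughly 20 seconds. The following is an added example, not part of the original posts: it probes the port over a longer window and reports whether it reopened. The address 192.0.2.10 and all function names are assumptions.

```python
import socket
import time

def tcp_open(host, port, timeout=2.0):
    """Return True if a TCP connection to host:port is accepted."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def watch_port(host, port, duration=120.0, interval=5.0,
               probe=tcp_open, sleep=time.sleep, clock=time.monotonic):
    """Probe host:port every `interval` seconds for `duration` seconds.

    Returns a list of (elapsed_seconds, is_open) samples.
    """
    start = clock()
    samples = []
    while True:
        elapsed = clock() - start
        samples.append((round(elapsed, 1), probe(host, port)))
        if elapsed >= duration:
            return samples
        sleep(interval)

def verdict(samples):
    """Classify the samples taken after the service was switched off."""
    states = [is_open for _, is_open in samples]
    if not any(states):
        return "closed for the whole window"
    if all(states):
        return "never closed"
    # Closed at some point, then accepted connections again: the behaviour
    # reported in this thread for the 9606 v3.0.3 firmware.
    first_closed = states.index(False)
    for elapsed, is_open in samples[first_closed:]:
        if is_open:
            return f"reopened after {elapsed}s"
    return "closed by end of window"

if __name__ == "__main__":
    # 192.0.2.10 is a documentation address (assumption); use the card's IP.
    # Port 23 is telnet; the first reply reports the same for FTP (port 21).
    results = watch_port("192.0.2.10", 23)
    print(verdict(results))
```

Start it immediately after disabling the service on the card, and keep the window well beyond the 20 seconds mentioned in the report.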







