Bugtraq mailing list archives

MicroSolved finds hole in Ascom Timeplex Router Security

From: bhuston () NETWALK COM (Brent Huston)
Date: Thu, 15 May 1997 16:39:33 -0400


An error in Timeplex Routers allows a user to gain unauthorized access to the device through a special 'debug' mode. 
This mode allows manipulation of the router at the register level, as well as being able to reset the router or deny 
service. The 'debug' mode can be entered without logging into the router, by sending a number of cntrl-d sequences to 
the device. The router will then display it's ip address and other information and drop to a debug prompt.

This information could be used to gain further access to a network, or to change the router setup, or deny service. For 
further information, please contact Ascom.

MicroSolved is an independant security consulting firm located in Columbus, Ohio. We specialize in security auditing, 
intrusion detection, and dial-up security. For further information, please contact us via email at bhuston () netwalk 
com

Current thread:

UPDATE TO OOB FIX, (continued)
- - - UPDATE TO OOB FIX Aaron Weintraub (May 12)
    - Re: New Win95 OOB fix allows Netbios to be used Ian MacPhedran (May 13)
    - UPDATE TO OOB FIX Wojciech Swieboda (May 13)
    - Re: ELM overflow security () home bti pl (May 14)
    - Re: ELM overflow Michel GAUDET (May 16)
    - potential root exploit with help from sam (HP-UX 10.x) David Hyams (May 14)
    - Re: potential root exploit with help from sam (HP-UX 10.x) Trevor Schroeder (May 14)
    - Sun Security Bulletin #00140 Sun Security Coordination Team (May 14)
    - Non-executable stack -- final Linux kernel patch Solar Designer (May 14)
    - NT4.0 SP3 Still vulnerable Aaron Spangler (May 15)
    - MicroSolved finds hole in Ascom Timeplex Router Security Brent Huston (May 15)
  - WinNT 4.0 OOB Hoxfix Aleph One (May 12)
- Re: Linux UID/GID 'Feature' Philippe Regnauld (May 13)