Bugtraq mailing list archives
Re: Compaq/Microcom 6000 DoS + more
From: alec () dakotacom net (Alec Kosky)
Date: Wed, 12 Aug 1998 16:22:35 -0700
Oops - that last letter was supposed to be from me (alec () dakotacom net), and NOT Microcom Support - sorry for the confusion (gotta make a few modifications to this email prog ;) On 03-Jun-98 Microcom Support wrote:
Enclosed is a message that I sent to Compaq/Microcom's technical support about their Microcom 6000 access integrators. There is a DoS as well as a brute-force password attack on these systems. I received a canned reply from their technical team, but have yet to hear anything else from them, and this was early June. I spoke with their technical support on the phone, and the answer to this problem is to turn off telnet access. That's it - there was a message in their call reference that there is no plans to upgrade or modify the pShell (pSOS). Just thought that people should know that Compaq/Microcom do not seem to care about security, nor do they seem to care that security is an issue for their customers. And I am assuming that since the 6000 Acess Integrator is their flagship model, these problems are present in all Acess Integrator models BTW: The OS versions that I reported in my letter to Microcom are incorrect. I was reading the wrong information - the correct version is 4.0.13, and the latest version of the software is 4.0.15 (and 5.0 is in beta, according to the technician). There are no security changes from 4.0.13 to 4.0.15, AFAIK. -----FW: <01BD8EFC.379275D0.support () microcom com>----- Date: Wed, 3 Jun 1998 14:30:54 +0100 From: Microcom Support <support () microcom com> To: "alec () dakotacom net" <alec () dakotacom net> Subject: FW: Support Query Additional: If you wish to contact us with regard to this matter please quote Call Ref#: 305752. The best people to talk to about this would be at : Microcom Inc. 500 River Ridge Drive, Norwood. MA 02062 Hardware : Tel +1 (781) 551-1313 Carbon Copy : Tel +1 (781) 551-1414 Fax : +1 (781) 551-1898 BBS : +1 (781) 551-4750 ______________________ Thank you for bringing this matter to our attention. I have forwarded this eMail to our central site products technical team who will address the situation. We will contact you again in due course. Best regards, Microcom : Compaq Access Solutions Division. Online Support - support () microcom com WWW - www.microcom.com FTP - ftp.microcom.com PLEASE INCLUDE THIS EMAIL IN ALL FUTURE COMMUNICATIONS ON THIS SUBJECT -----Original Message----- From: alec () dakotacom net [SMTP:alec () dakotacom net] Sent: Wednesday, June 03, 1998 8:58 AM To: support () microcom com Subject: Support Query On Wednesday, June 3, 1998 at 03:58:02, the following data was submitted from http://www.microcom.com/support/feedback/index.html First Name Alec Middle Initial A Last Name Kosky Company Dakota Communications Title System Admin/Programmer Country United States Email alec () dakotacom net User Type End User Product CM6K-Series Other Product Software or Firmware Version pSOS Operating System Platform used Query This set of comments/questions is directed to the security guys. We currently use a Microcom 6100 Access Integrator, and I believe the firmware/OS is subject to a possible denial of service attack, as well as a possible brute force attempt to guess the password. I believe the OS on the system is pSOS 6.02 for the MNC card and 6.01 for the PRI card. The denial of service problem is this: there is no timeout when typing in the username and password - from what I have seen, a user can make a telnet connection to the MNC or PRI card and leave the connection open indefinitely. If the user only has one connection open, then this is not problem. However, the system will not accept more than 4 telnet connections at one time. Thus, a malicious user/hacker could open 4 telnet connections to either (or both cards) and deny all legitimate connections to the card. The other problem is that the system does not close the connection after a specified number of invalid login attempts. A program such as 'crack' could be modified to work over a network and attempt to guess the administrator's password. Neither of these are acceptable on any system, let alone a company's flagship model. First, I would like to know if there is a firmware/OS update (upgrade?) available to fix these problems, and second, if there is no upgrade available, will one be available soon? --------------End of forwarded message------------------------- --Alec--
--Alec--
Current thread:
- Compaq/Microcom 6000 DoS + more Microcom Support (Jun 03)
- Re: Compaq/Microcom 6000 DoS + more Alec Kosky (Aug 12)
- solaris 2.x rdist exploit / too many humbles :p John McDonald (Aug 12)
- Re: Compaq/Microcom 6000 DoS + more Shiloh Costa (Aug 14)