Re: Netopia ISDN Router 650-ST: Viewing of all system logs without login

[Aaron Nichols <anichols () NETOPIA COM>]

-----BEGIN PGP SIGNED MESSAGE-----

Andrew,
        This problem has been a known issue for some time and was resolved
in Netopia firmware version 4.3.2 in May of 1999. The platform that you
are referring to, the PN650-ST, has not been in production for over 2
years. The last version of firmware released for that product was version
3.3.2 which was released in January of 1999 and no subsequent updates have
been provided. We make every effort to resolve any security issue promptly
and if it is an issue with our current platform we will absolutely address
it immediately and have in the past addressed issues which were brought to
our attention expediently. I do apologize for the lack of response
regarding your original inquiries and I assure you that we are making
every effort to make sure that this does not happen again.

Feel free to contact me if you have any further concerns.

Thank you,
Aaron

On Thu, 16 Nov 2000, The Proton wrote:

> This advisory was sent to Netopia three weeks ago. I have received no
> return contact.
>
> Andrew
>
> ----------------
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Device Specifics
> =================
> Name:         Netopia ISDN Router 650-ST
> Manufacturer: Netopia
> Version:      Firmware 3.3.2
> Risk:         Viewing of all system logs without login
> Advisory:     2000-03
>
> Problem
> =======
>
> The system logs (both device history and WAN history) can be read
> from the telnet prompt without logging into the system.
>
> Details
> =======
>
> The logs of the router can be viewed from the telnet login screen by
> pressing a certain key combination.
>
> To access the WAN event log type Ctrl-F at the login screen
> To access the device event log type Ctrl-E at the login screen
>
> Access to these logs may allow access to sensitive information such
> as usernames or passwords to an arbitary internet user.
>
> Fixes
> =====
>
> None available.
>
>
> Workaround
> ==========
>
> Do not allow telnet access to your router to untrusted hosts.
>
>
> Acknowledgements
> ===============
>
> This vulnerability was discoverd by Bok <bok () dshs nsw edu au>
> Further investigation by Andrew Wellington (aka proton)
>
>
> Disclaimer
> ==========
> THIS INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND.
> ANDREW WELLINGTON DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR
> IMPLIED,
> INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
> PARTICULAR PURPOSE. IN NO EVENT SHALL ANDREW WELLINGTON BE LIABLE FOR
> ANY DAMAGES WHATSOEVER INCLUDING, BUT NOT LIMITED TO, DIRECT,
> INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR
> SPECIAL DAMAGES, EVEN IF ANDREW WELLINGTON HAS BEEN ADVISED OF THE
> POSSIBILITY OF SUCH DAMAGES.
>
>
> PGP Key
> =======
>
> PGP key is available at keyserver.net
> Key ID: 0x77168373
> Fingerprint:
> E8C3 789F 30C3 658E 1D90  56EB 0097 3EE3 7716 8373
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 6.5.1 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBOf1XywCXPuN3FoNzEQLiMgCdFyrc4kxfld6EL0/bEHYJ0+fF6GgAoJl+
> KZYtG//tuDj7avHoUtGNiVZ/
> =jaBx
> -----END PGP SIGNATURE-----
> _______________________________
> The Proton
> <proton () dshs nsw edu au>
> _______________________________

- --
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Aaron Nichols                   Voice: 510-814-5000
Sr. Systems Engineer            Web: http://www.netopia.com
Internet Equipment Division     Email: anichols () netopia com
Netopia Inc.
2470 Mariner Square Loop
Alameda, CA 94501
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2

iQCVAwUBOhQ3dSAbedL6kyPTAQFmhwP/X832NNc27bTzR/njd5VkfRx5Q6sHgrZ8
iyyvI96QSztyhi6cd+L8IXQJQluQYZUyD1B+tTY85o/nggWG9G5kXYKNca8Y7kfs
VR6BKiqXX6+P8WluudlZDBhIaFhQSDqp3yEql9BdYmcS5kRSBtl+4BsxpynPq3/F
zdCq86W1xXk=
=jcE/
-----END PGP SIGNATURE-----