OptiSwitch remote root compromise

[CrazZzy Slash <slash () istc kg>]

Hello bugtraq :)

I've found bug in OptiSwitch 400 and 800 series, maybe another series :) So abou
t: then you connecting to the switch via telnet or console you may gain root acc
ess pressing Crtl+C <cr><cr> so you will :)

Ok here is detailed information...

Manufactor:
MRV Communications, Inc.
http://www.mrv.com

Product:
OptiSwitch 400 / 800 series, possibly others (not tested)
http://www.mrv.com/products/line/optiswitch.php

Exploit:
Press Ctrl+C <cr><cr> while connecting to the switch and you're welcome :) Enjoy
 ;)

Manufactor informed:
No, too busy for this, only for you bugtraq :)

Date 24.06.2003

slash () istc kg