How to expolit?

[intel96 <intel96 () bellsouth net>]

I am conducting a pentest and want to know if there is a way to take 
advantage of two potential security issues. 

The first is an embedded password in the application, which is stored on 
an internal flash (there is only a LAN connection to this device and no 
other access).  Is there a way to obtain this password without taking 
the device apart?

The second are potential buffer overflows (caused by sending various 
size packets to the device over IP) in the device and several registered 
locations , which causes the device to reboot and issue kernel panics.  
Is there a way to take advantage of these buffer overflow to gain 
administrator access to the device?

Thanks in advance for any help.

Intel96



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------