`Date: Mon, 21 Dec 1998 14:52:29 -0600
From: Adam Maloney <[email protected]>
Reply-To: Bugtraq List <[email protected]>
To: [email protected]
Subject: Re: [In]security in USR TotalSwitch
Normally I would've bought a Cisco switch, or a different 3com switch, but
these guys were so cheap, I couldn't resist.
I recently upgraded to the newest version of the firmware, and the
vulnerability still exists.
The version I'm using is 2.2 released on 10/30/97. There is no mention of
any newer version in their totalsupport download area.
Where did you see the patch? I can't find any mention of it.
Thanks,
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Adam Maloney
Systems Administrator
Internet Exposure
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-----Original Message-----
From: Lou Anschuetz <[email protected]>
To: [email protected] <[email protected]>
Date: Monday, December 21, 1998 2:35 PM
Subject: Re: [In]security in USR TotalSwitch
>> I searched the archives, with no luck finding anything about this.
>>
>> Recently a bunch of USR TotalSwitch (chassis which takes 5 cards, 10 / 100 /
>> fddi / whatever, and a network management card) units went up for auction,
>> and I know a lot of people purchased them, hence my concern.
>>
>> The switch is manageable via snmp, telnet or a console port. Using the
>> management features, you can disable / enable certain ports, configure IP
>> routes and such. The management software allows you to set a password to
>> access the switch (either by telnet or the console).
>>
>> Of course, there is a back-door so techs could reset or debug the unit if
>> they didn't have the password. Unfortunately, this backdoor is not limited
>> to the console port like it should be. It is possible to telnet to the
>> switch, enter a "secret code" (which is readily available, for everyone's
>> sake I won't give it out here) and do a memory dump to see the plaintext
>> password.
>>
>> Solution: 3COM - limit this functionality to the console port ONLY.
>> End-user - add an access list to filter telnet to your switch's IP address
>> from outside your network.
>>
>> P.S. If anyone knows where to get the 100btx cards for this thing, please
>> e-mail me!
>>
>> Regards,
>>
>3COM did put out a patch for this, though it was rather quietly -
>it also affects all CoreBuilder switches. Fortunately, I only buy
>un-managed 3COM stuff. Everything that is a switch (or above) is
>Cisco.
>
>--
>-
>Lou Anschuetz, [email protected]
>Network Manager, ECE, Carnegie Mellon University
`