[8686] in bugtraq
Lousy password handling in BreezeCOM
daemon@ATHENA.MIT.EDU (Mr. SteelFire)
Thu Dec 10 11:47:57 1998
Date: Thu, 10 Dec 1998 15:16:37 +0100
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: "Mr. SteelFire" <steelfire@PLUTTEN.HL.LU.SE>
To: BUGTRAQ@NETSPACE.ORG
BreezeCOM adapters are used in wireless LAN environments and like any
communication device (switches, routers etc.) you need a password to
access the adapter.
BreezeCOM has choosed to use a burned-in factory standard password for
their adapters which really is a stupid way to handle this. They have
different passwords for different version which you cannot change and the
passwords are the following:
4.x Super
3.x Master
2.x laflaf
As far as I'm concerned the passwords above works with SA (Station
Adapter) 10, SA 40 and AP (Access Point) 10.
One thing that should be pointed out is that it's not possible to access
the adapters remote (not telnet etc.) so the security problem is local.
/Steelfire
(Not the game, the real me.)
