[19839] in bugtraq
ILMI community in olicom/crosscomm routers
daemon@ATHENA.MIT.EDU (Jacek Lipkowski)
Mon Mar 26 03:14:23 2001
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Pine.LNX.4.21.0103251132220.9584-100000@acid.ch.pw.edu.pl>
Date: Sun, 25 Mar 2001 11:53:52 +0200
Reply-To: Jacek Lipkowski <sq5bpf@ACID.CH.PW.EDU.PL>
From: Jacek Lipkowski <sq5bpf@ACID.CH.PW.EDU.PL>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200102270400.ios-snmp-ilmi-vuln-pub@productsecurity.cisco.com>
Crosscomm/Olicom routers have a undocumented community string ILMI
(yes, the same as in cisco :) that has read and write permissions (i
didn't check the whole tree, but you can set system.sysContact.0 for
example). This was checked on a XLT-F router with software 'XL 80 IM
Version 5.5 Build Level 2' (this was what it reported via snmp).
The vendor hasn't been notified, as it doesn't exist (olicom sold their
router business to Intel, don't know what happened to it later).
You can consider this a serious vulnerability, because people will find it
while looking for vulnerable cisco routers.
Jacek Lipkowski
