[21425] in bugtraq
RE: Cayman-DSL Model 3220-H DOS with nmap
daemon@ATHENA.MIT.EDU (Joshua Fritsch)
Tue Jul 10 01:47:08 2001
Message-ID: <12ED50EDC55DD4119C2D009027DE335EFC3EB7@exchange.nyfix.com>
From: Joshua Fritsch <joshua.fritsch@nyfix.com>
To: "'bugtraq@securityfocus.com'" <bugtraq@securityfocus.com>
Date: Mon, 9 Jul 2001 20:46:05 -0400
MIME-Version: 1.0
Content-Type: text/plain
> Serious Cayman problem?
Not half as serious as the default setup on some (all?) Cayman DSL routers,
which come with such "features" as:
* No administrative password set by default
* A mini webserver....to access the unprotected administrative commands
* Telnet that lets a person in without a password
This is a pretty old issue, first reported (I think) back in March 2000:
http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Fend%3
D2001-07-14%26mid%3D50343%26threads%3D0%26list%3D1%26start%3D2001-07-08%26fr
omthread%3D1%26
However, there are still tons of these out there, with no password. Also the
above advisory does not mention that these machines respond to SNMP queries
(default public/private SNMP strings) with enough info to choke a horse - -
not to mention that once a user is logged in, they can telnet OUT as
well.....
Has Cayman fixed the problem? I don't know. But you would think that any ISP
which has promoted these products would have long since contacted their
customers to remedy the situation - - obviously many have not.
-J
