[21531] in bugtraq

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: cayman strikes again

daemon@ATHENA.MIT.EDU (Paul Allman)
Mon Jul 16 12:56:02 2001

From: "Paul Allman" <sandbank@gte.net>
To: "'Joshua Fritsch'" <joshua.fritsch@nyfix.com>,
        "'Russell Handorf '" <rhandorf@mail.russells-world.com>,
        <bugtraq@securityfocus.com>, <klp@securityfocus.com>
Date: Mon, 16 Jul 2001 11:29:39 -0400
Message-ID: <004e01c10e0c$21931bd0$0201a8c0@bankloansa>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
In-Reply-To: <12ED50EDC55DD4119C2D009027DE335EFC3EBA@exchange.nyfix.com>

my cayman 2e allows anyone to login with any character string (but does not
grant admin abilities)

paul allman

-----Original Message-----
From: Joshua Fritsch [mailto:joshua.fritsch@nyfix.com]
Sent: Wednesday, July 11, 2001 6:50 PM
To: 'Russell Handorf '; 'bugtraq@securityfocus.com ';
'klp@securityfocus.com '
Subject: RE: cayman strikes again


> try using '}' as a username without a password for cayman routers.

I believe that in some circumstances, you can get in with *any* character
string...more as an identifier than a real login. But I don't have equipment
to test on, so I cannot confirm this.

Anyone?

-J

home	help	back	first	fref	pref	prev	next	nref	lref	last	post