[6728] in bugtraq
Re: 3Com switches - undocumented access level.)
daemon@ATHENA.MIT.EDU (Joao Carlos Mendes Luis)
Sun May 10 17:16:58 1998
Date: Sun, 10 May 1998 16:59:56 -0300
Reply-To: Joao Carlos Mendes Luis <jonny@COE.UFRJ.BR>
From: Joao Carlos Mendes Luis <jonny@COE.UFRJ.BR>
X-To: mesrik@cc.jyu.fi
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.SOL.3.96.980509072433.17629A-100000@tukki.cc.jyu.fi> from
Riku Meskanen at "May 9, 98 12:57:35 pm"
#define quoting(Riku Meskanen)
// Q: Right, but how about SuperStack II Switch 1000, does it has
// undocumented access level?
//
// A: Yes, try username "monitor", with password "monitor".
Hey ! This is very well documented !
Users "monitor", "manager" and "security" are factory pre-existent,
with default passwords equal to the account name. It's user's
obligation to change all 3 passwords if he wants security.
AFAIK, this is valid for every SuperStack management module/equipment.
// Q: Is the SuperStack II Switch 3000 also affected, as it's basically
// same the same family line.
//
// A: Yes, try same username/password pair monitor/monitor.
// The tested system has version information.
See above.
Jonny
--
Joao Carlos Mendes Luis jonny@gta.ufrj.br
+55 21 290-4698 ( Job ) jonny@coppe.ufrj.br
M.Sc. Student Electrical Engineering
Universidade Federal do Rio de Janeiro
