[8785] in bugtraq


Re: 3com

daemon@ATHENA.MIT.EDU (Eric Forcey)
Wed Dec 23 06:03:36 1998

Date: 	Mon, 21 Dec 1998 22:15:19 -0800
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Eric Forcey <eforcey@PSNW.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <199812211926.LAA27365@pop.thegrid.net>

Actually it's not the NMC card, it's the HiPer ARC card.

According to USR/3com personnel it is only affected in v4.1.x revisions
of the HARC code.

As posted, the fix is to disable the account.




> -----Original Message-----
> From: Bugtraq List [mailto:BUGTRAQ@netspace.org]On Behalf Of Entropy
> Sent: Monday, December 21, 1998 11:24 AM
> To: BUGTRAQ@netspace.org
> Subject: Fwd: Re: 3com
>
>
> The software that 3com has developed for running the NMC (network
> management card) for the Total Control Hubs is a bit shady.
> After uploading the software (as one must do) you will notice a login
> account called "adm" with no password.
>
> Naturally no one wants the "adm" login there, so they delete it from the
> configuration, and go on programming the box. Once the box has been
> programmed and is ready to take calls, it is necessary to save all
> settings, and hardware reset the box; at this point the box is fully
> configured, and ready to take calls. The problem is this: the "adm" login,
> requiring no password, is still there after the hardware reset!!! It
> cannot be deleted!
>
> I have run a trace route on over 37 ISPs, found their HD boxes, and
> have been able to get into 21 of them through this security hole!
>
> The admin that programmed the box has no reason to go back into the
> configuration after doing the hardware reset; he has already gone over
> and double checked his settings, they all looked good, and hardware reset
> has gone into action as the last step... he has no clue that the "adm" he
> has deleted is still there, and active.
>
> In order to stop the "adm" login one can only disable the "adm"
> login, not delete it... this is the only way to stop the login.
>
> I have tested this on the current, and last 3 releases of software put
> out by 3com for the NMC card. 3Com has been notified.
>
>  I hope this helps.
>
>  Entr0py
>
