[39064] in bugtraq
Re: Backdoor in =?iso-8859-1?b?Rm9ydGluZXS0cw==?= firewall Fortigate
daemon@ATHENA.MIT.EDU (Michael J McCafferty)
Thu Jun 2 18:31:32 2005
Message-ID: <1117740533.429f5df5354e4@webmail.m5computersecurity.com>
Date: Thu, 2 Jun 2005 12:28:53 -0700
From: Michael J McCafferty <mike@m5computersecurity.com>
To: Johan Andersson <andersson@one.se>, bugtraq@securityfocus.com
In-Reply-To: <429E4044.8050300@one.se>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
This is a documented feature of the FortiGate and FortiLog devices.
You must have a local serial connection. So, this is not remotely exploitble. If
someone has physical access to your firewall to make a serial connection, then
you have plenty of other problems too.
For reference:
http://kc.forticare.com/default.asp?SID=&Lang=1&id=407
http://kc.forticare.com/default.asp?id=837&Lang=1
Mike
Quoting Johan Andersson <andersson@one.se>:
> If you have console access to this box, you are able to get root access
> or more by using the Username: maintainer
> Password: pbcpbn[here should you type the serialnr. of the box, the
> characters should be in Capital letters.]
> FortiOS: 2.x
>
> Regards
> Johan Andersson
> Atea Security, Sweden
> Phone: +46-709-19 71 76
> Mail: johan.andersson@atea.com
>
--
************************************************************
Michael J. McCafferty
Principal, Security Engineer
M5 Hosting
858-576-7325 Voice
http://www.m5hosting.com
************************************************************
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
