Hello again, A little update: just checked an ASCII dump of the FMS-II Superstack Hub firmware (3Com's P/N 3c16630a) looking for undocumented username/password strings and didn't find any... that doen't mean that there isn't one, through. BTW: Don't you love it when your trusty vendor sticks security backdoors in their products? :-( I used to recomend 3Com products to my clients but now I'm starting to have second thoughts... > > PROBLEM: > > There appears to be a backdoor/undocumented "access level" in current (and > > possibly previous) versions of 3Com's "intelligent" and "extended" > > switching software for LanPlex/Corebuilder switches. > > Just checked my 3Com Superstack II intelligent hub and Switches (they have > a similar Telnet interface) and they appear NOT to have this backdoor > (humm, or does the backdoor use a different username/password? I wonder...) Best Regards, -- Durval Menezes (durvalat_private, http://www.tmp.com.br/~durval)
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:52:34 PDT