Product : MTPSR1-120 Firewall Proxy configuration software Version : 3.0 Vendor : Multi-Tech Systems, Inc. (http://www.multitech.com) Remote : Yes Author : UkR-XblP (cuctemaat_private)/ UkR security team Overview: Firewall Proxy configuration software default do not set a Firewall password and allow access via telnet protocol. As a result, the telnet port will be left exposed to unrestricted remote access. Remote users with malicious intent will be able to access the Firewall to change varius configs, such as IP, PPP/SLIP, WAN, Proxy, DHCP, Virtual Server or reset Firewall. Attackers can set their password, block webserver and registered users don't can login for change changes remote. Solution: Set the password after setup and desirable to disable telnet access. --- Professional hosting for everyone - http://www.host.ru
This archive was generated by hypermail 2b30 : Wed Dec 11 2002 - 17:44:46 PST