OptiSwitch remote root compromise

From: CrazZzy Slash (slashat_private)
Date: Wed Jun 25 2003 - 20:03:55 PDT

Next message: Nik Reiman: "various portmon vulnerabilities"

Previous message: Conectiva Updates: "[CLA-2003:662] Conectiva Security Announcement - ethereal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello bugtraq :)

I've found bug in OptiSwitch 400 and 800 series, maybe another series :) So abou
t: then you connecting to the switch via telnet or console you may gain root acc
ess pressing Crtl+C <cr><cr> so you will :)

Ok here is detailed information...

Manufactor:
MRV Communications, Inc.
http://www.mrv.com

Product:
OptiSwitch 400 / 800 series, possibly others (not tested)
http://www.mrv.com/products/line/optiswitch.php

Exploit:
Press Ctrl+C <cr><cr> while connecting to the switch and you're welcome :) Enjoy
 ;)

Manufactor informed:
No, too busy for this, only for you bugtraq :)

Date 24.06.2003

slashat_private

Next message: Nik Reiman: "various portmon vulnerabilities"
Previous message: Conectiva Updates: "[CLA-2003:662] Conectiva Security Announcement - ethereal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jun 25 2003 - 14:14:37 PDT