Re: OptiSwitch remote root compromise - Wrong ifnormation

From: Zeev Dr (zdraerat_private)
Date: Wed Jul 02 2003 - 02:01:38 PDT

Next message: Michal Zalewski: "Red Hat 9: free tickets"

Previous message: CORE Security Technologies Advisories: "CORE-2003-0305-03: Active Directory Stack Overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) In-Reply-To: <20030626030355.GA10951at_private> This is clearly a malicious attempt to harm company product. No such hack exists, and this has been verified already by all relevant entities. Strongly recommended that placing such a harmful statement on site, should at least be confirmed with the vendor before being made public. Zeev Draer OptiSwitch PM ------------- >Received: (qmail 3370 invoked from network); 25 Jun 2003 21:07:39 -0000 >Received: from outgoing2.securityfocus.com (205.206.231.26) > by mail.securityfocus.com with SMTP; 25 Jun 2003 21:07:39 -0000 >Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) > by outgoing2.securityfocus.com (Postfix) with QMQP > id 117E48F7D7; Wed, 25 Jun 2003 15:07:26 -0600 (MDT) >Mailing-List: contact bugtraq-helpat_private; run by ezmlm >Precedence: bulk >List-Id: <bugtraq.list-id.securityfocus.com> >List-Post: <mailto:bugtraqat_private> >List-Help: <mailto:bugtraq-helpat_private> >List-Unsubscribe: <mailto:bugtraq-unsubscribeat_private> >List-Subscribe: <mailto:bugtraq-subscribeat_private> >Delivered-To: mailing list bugtraqat_private >Delivered-To: moderator for bugtraqat_private >Received: (qmail 15715 invoked from network); 25 Jun 2003 20:57:21 -0000 >Date: Thu, 26 Jun 2003 03:03:55 +0000 >From: CrazZzy Slash <slashat_private> >To: bugtraqat_private >Subject: OptiSwitch remote root compromise >Message-ID: <20030626030355.GA10951at_private> >Mime-Version: 1.0 >Content-Type: text/plain; charset=us-ascii >Content-Disposition: inline >User-Agent: Mutt/1.4i > >Hello bugtraq :) > >I've found bug in OptiSwitch 400 and 800 series, maybe another series :) So abou >t: then you connecting to the switch via telnet or console you may gain root acc >ess pressing Crtl+C <cr><cr> so you will :) > >Ok here is detailed information... > >Manufactor: >MRV Communications, Inc. >http://www.mrv.com > >Product: >OptiSwitch 400 / 800 series, possibly others (not tested) >http://www.mrv.com/products/line/optiswitch.php > >Exploit: >Press Ctrl+C <cr><cr> while connecting to the switch and you're welcome :) Enjoy > ;) > >Manufactor informed: >No, too busy for this, only for you bugtraq :) > >Date 24.06.2003 > >slashat_private >

Next message: Michal Zalewski: "Red Hat 9: free tickets"
Previous message: CORE Security Technologies Advisories: "CORE-2003-0305-03: Active Directory Stack Overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jul 02 2003 - 11:34:13 PDT