Bugtraq mailing list archives
Re: OptiSwitch remote root compromise - Wrong ifnormation
From: Zeev Dr <zdraer () mrv com>
Date: 2 Jul 2003 09:01:38 -0000
In-Reply-To: <20030626030355.GA10951 () istc kg> This is clearly a malicious attempt to harm company product. No such hack exists, and this has been verified already by all relevant entities. Strongly recommended that placing such a harmful statement on site, should at least be confirmed with the vendor before being made public. Zeev Draer OptiSwitch PM -------------
Received: (qmail 3370 invoked from network); 25 Jun 2003 21:07:39 -0000 Received: from outgoing2.securityfocus.com (205.206.231.26) by mail.securityfocus.com with SMTP; 25 Jun 2003 21:07:39 -0000 Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
by outgoing2.securityfocus.com (Postfix) with QMQP id 117E48F7D7; Wed, 25 Jun 2003 15:07:26 -0600 (MDT) Mailing-List: contact bugtraq-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq () securityfocus com> List-Help: <mailto:bugtraq-help () securityfocus com> List-Unsubscribe: <mailto:bugtraq-unsubscribe () securityfocus com> List-Subscribe: <mailto:bugtraq-subscribe () securityfocus com> Delivered-To: mailing list bugtraq () securityfocus com Delivered-To: moderator for bugtraq () securityfocus com Received: (qmail 15715 invoked from network); 25 Jun 2003 20:57:21 -0000 Date: Thu, 26 Jun 2003 03:03:55 +0000 From: CrazZzy Slash <slash () istc kg> To: bugtraq () securityfocus com Subject: OptiSwitch remote root compromise Message-ID: <20030626030355.GA10951 () istc kg> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i Hello bugtraq :) I've found bug in OptiSwitch 400 and 800 series, maybe another series :)
So abou
t: then you connecting to the switch via telnet or console you may gain
root acc
ess pressing Crtl+C <cr><cr> so you will :) Ok here is detailed information... Manufactor: MRV Communications, Inc. http://www.mrv.com Product: OptiSwitch 400 / 800 series, possibly others (not tested) http://www.mrv.com/products/line/optiswitch.php Exploit: Press Ctrl+C <cr><cr> while connecting to the switch and you're
welcome :) Enjoy
;) Manufactor informed: No, too busy for this, only for you bugtraq :) Date 24.06.2003 slash () istc kg
Current thread:
- Re: OptiSwitch remote root compromise - Wrong ifnormation Zeev Dr (Jul 02)