Bugtraq mailing list archives

Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS

From: Frank Louwers <frank () openminds be>
Date: Thu, 19 Feb 2004 00:55:47 +0100

On Tue, Feb 17, 2004 at 10:56:58PM +0000, James Green wrote:

On Tuesday 17 Feb 2004 6:23 pm, thiago.vazquez () light com br wrote:

We have many products from APC and we've tested that vulnerability in some
of them and ..... following are the results.


[ snip ]

According to a Matias Kvaternik at APC (US) today, the bug was discovered 
after the AP9606 was discontinued (we bought some less than one year ago), 
and the engineering team has "no fix in the pipeline". He advises us to 
switch off telnet access.


We have a brand new (3 weeks old) masterswitch that's in their
InfraStucture program thingie. It has the same backdoor password!
 


Kind Regards,
Frank Louwers

-- 
Openminds bvba                www.openminds.be
Tweebruggenstraat 16  -  9000 Gent  -  Belgium

Current thread:

Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS thiago . vazquez (Feb 17)
- Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Thomas M. Payerle (Feb 18)
- Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS James Green (Feb 18)
  - Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Keith Clifton (Feb 19)
  - Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Frank Louwers (Feb 19)
  - Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" - MORE PROBLEMS Tom (Feb 19)