Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Alcatel leaves LAN switch software back door wide open

From: InfoSec News <isn () c4i org>
Date: Mon, 25 Nov 2002 02:00:26 -0600 (CST)
http://www.nwfusion.com/news/2002/1122alcatellan.html

By Joris Evers
IDG News Service
11/22/02

A security vulnerability in Alcatel SA's OmniSwitch 7000 series LAN
switches could lead to an attacker gaining full control over the
switches, Alcatel warned.

Alcatel OmniSwitch 7700 and 7800 switches running the Alcatel
Operating System (AOS) Version 5.1.1 are affected, Alcatel said in a
security advisory this week. The Computer Emergency Response
Team/Coordination Center (CERT/CC) at Carnegie Mellon University in
Pittsburgh issued a separate warning on Thursday.

In the vulnerable systems, a telnet server listens for connections on
TCP port 6778 and accepts connections without requiring a password,
creating a back door that provides full administrative control over
the switch.

The telnet access was used for development of the product and Alcatel
forgot to remove it "due to an oversight," the company said. Alcatel
informed CERT of the back door when it was discovered during a code
audit, the Paris network equipment maker said.

Users of vulnerable switches should immediately create an access
control list blocking all access to port 6778 on the switch, Alcatel
said. A patch to close the back door is also available. Furthermore,
the vulnerability will be removed from AOS as of Version 5.1.3,
Alcatel said. AOS ships with each OmniSwitch.

The scope of the vulnerability is limited because the OmniSwitch 7000
series is meant for use in enterprise networks, not in public
networks, Alcatel spokesman Klaus Wustrack said Friday. That means
that companies could face attacks from the inside only and that public
networks are not at risk.

"These switches are normally used within a private enterprise network.  
They are not public switching products. Any enterprise should protect
their private network through a firewall," Wustrack said.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: