Re: Nortel Contivity Vulnerability
Subject: Re: Nortel Contivity Vulnerability
From: Bill Fumerola (billf CHC-CHIMES.COM)
Date: Tue Jan 18 2000 - 16:04:08 CST
On Tue, Jan 18, 2000 at 12:21:03AM +0000, foo wrote:
> Nortel's new Contivity series extranet switches
> (http://www.nortelnetworks.com/products/01/contivity) give administrators
> the ability to enable a small HTTP server and use Nortel's web-based
> administration utility to handle configuration and maintenance.
> The server runs atop the VxWorks operating system and is located in the
> directory /system/manage. A CGI application, /system/manage/cgi/cgiproc
> that is used to display the administration html pages does not properly
> authenticate users prior to processing requests. An intruder can
> view any file on the switch without logging in.
As a user of the aforementioned product, it's important to note that
only the management side (read: your internal network) can access
the HTTP server of the switch (by default, though I don't even think
you can change this.)
I'm not downplaying the stupidity of cgiproc, I'm just saying let's not
all run and turn our Contivity switches off.
--
Bill Fumerola - Network Architect
Computer Horizons Corp - CVM
e-mail: billfchc-chimes.com / billf FreeBSD.org
Office: 800-252-2421 x128 / Cell: 248-761-7272
This archive was generated by hypermail 2b27 : Wed Jan 19 2000 - 12:51:22 CST