|
OptiSwitch User Authentication Bypass Vulnerability
|
|
Secunia Advisory:
|
SA9131
|
|
|
Release Date:
|
2003-06-27
|
|
Last Update:
|
2003-07-07
|
|
Popularity:
|
5,101 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Security Bypass
|
|
Where:
|
From local network
|
|
Solution Status:
|
Unpatched
|
|
| OS: | OptiSwitch 400 Series
OptiSwitch 800 Series
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
Description:
A vulnerability has been reported in OptiSwitch, which may allow malicious people to gain access to the device.
Reportedly, it is possible to bypass the user authentication when connecting to the device via telnet or the console by pressing Ctrl+C followed by two carriage returns.
NOTE: The vendor has reported that they are unable to confirm the issue.
Solution:
Restrict physical access to the device and allow only trusted IP addresses to connect.
Provided and/or discovered by:
CrazZzy Slash
Changelog:
2003-07-07: Vendor states that they cannot confirm the issue.
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
