• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Avaya Cajun Firmware Undocumented Default Accounts Vulnerability

A vulnerability has been discovered in Avaya Cajun switches.

It has been reported that Avaya Cajun firmware contains multiple, undocumented, users with default passwords. Access to these accounts results in developer privileges, allowing read/write access to the switch.

Exploitation of this issue could allow a remote attacker to gain privileged access to the vulnerable switch, resulting in arbitrary configuration settings to be modified.