Product : MTPSR1-120 Firewall Proxy configuration
software
Version : 3.0
Vendor : Multi-Tech Systems, Inc.
(http://www.multitech.com)
Remote : Yes
Author : UkR-XblP (cuctema (at) ok (dot) ru [email concealed])/ UkR security team
Overview:
Firewall Proxy configuration software default do not set a
Firewall password and allow access via telnet protocol. As
a result, the telnet port will be left exposed to
unrestricted remote access. Remote users
with malicious intent will be able to access the Firewall
to change varius configs, such as IP, PPP/SLIP, WAN,
Proxy, DHCP, Virtual Server or reset Firewall. Attackers
can set their password, block webserver and registered
users don't can login for change changes remote.
Solution:
Set the password after setup and desirable to disable
telnet access.
---
Professional hosting for everyone - http://www.host.ru
software
Version : 3.0
Vendor : Multi-Tech Systems, Inc.
(http://www.multitech.com)
Remote : Yes
Author : UkR-XblP (cuctema (at) ok (dot) ru [email concealed])/ UkR security team
Overview:
Firewall Proxy configuration software default do not set a
Firewall password and allow access via telnet protocol. As
a result, the telnet port will be left exposed to
unrestricted remote access. Remote users
with malicious intent will be able to access the Firewall
to change varius configs, such as IP, PPP/SLIP, WAN,
Proxy, DHCP, Virtual Server or reset Firewall. Attackers
can set their password, block webserver and registered
users don't can login for change changes remote.
Solution:
Set the password after setup and desirable to disable
telnet access.
---
Professional hosting for everyone - http://www.host.ru
[ reply ]