BugTraq
Back to list
|
Post reply
Re: OptiSwitch remote root compromise - Wrong ifnormation
Jul 02 2003 09:01AM
Zeev Dr (zdraer mrv com)
In-Reply-To: <20030626030355.GA10951 (at) istc (dot) kg [email concealed]>
This is clearly a malicious attempt to harm company product.
No such hack exists, and this has been verified already by all relevant
entities.
Strongly recommended that placing such a harmful statement on site, should
at least be confirmed with the vendor before being made public.
Zeev Draer
OptiSwitch PM
-------------
>Received: (qmail 3370 invoked from network); 25 Jun 2003 21:07:39 -0000
>Received: from outgoing2.securityfocus.com (205.206.231.26)
> by mail.securityfocus.com with SMTP; 25 Jun 2003 21:07:39 -0000
>Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
> by outgoing2.securityfocus.com (Postfix) with QMQP
> id 117E48F7D7; Wed, 25 Jun 2003 15:07:26 -0600 (MDT)
>Mailing-List: contact bugtraq-help (at) securityfocus (dot) com [email concealed]; run by ezmlm
>Precedence: bulk
>List-Id: <bugtraq.list-id.securityfocus.com>
>List-Post: <mailto:bugtraq (at) securityfocus (dot) com [email concealed]>
>List-Help: <mailto:bugtraq-help (at) securityfocus (dot) com [email concealed]>
>List-Unsubscribe: <mailto:bugtraq-unsubscribe (at) securityfocus (dot) com [email concealed]>
>List-Subscribe: <mailto:bugtraq-subscribe (at) securityfocus (dot) com [email concealed]>
>Delivered-To: mailing list bugtraq (at) securityfocus (dot) com [email concealed]
>Delivered-To: moderator for bugtraq (at) securityfocus (dot) com [email concealed]
>Received: (qmail 15715 invoked from network); 25 Jun 2003 20:57:21 -0000
>Date: Thu, 26 Jun 2003 03:03:55 +0000
>From: CrazZzy Slash <slash (at) istc (dot) kg [email concealed]>
>To: bugtraq (at) securityfocus (dot) com [email concealed]
>Subject: OptiSwitch remote root compromise
>Message-ID: <20030626030355.GA10951 (at) istc (dot) kg [email concealed]>
>Mime-Version: 1.0
>Content-Type: text/plain; charset=us-ascii
>Content-Disposition: inline
>User-Agent: Mutt/1.4i
>
>Hello bugtraq :)
>
>I've found bug in OptiSwitch 400 and 800 series, maybe another series :)
So abou
>t: then you connecting to the switch via telnet or console you may gain
root acc
>ess pressing Crtl+C <cr><cr> so you will :)
>
>Ok here is detailed information...
>
>Manufactor:
>MRV Communications, Inc.
>http://www.mrv.com
>
>Product:
>OptiSwitch 400 / 800 series, possibly others (not tested)
>http://www.mrv.com/products/line/optiswitch.php
>
>Exploit:
>Press Ctrl+C <cr><cr> while connecting to the switch and you're
welcome :) Enjoy
> ;)
>
>Manufactor informed:
>No, too busy for this, only for you bugtraq :)
>
>Date 24.06.2003
>
>slash (at) istc (dot) kg [email concealed]
>
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
This is clearly a malicious attempt to harm company product.
No such hack exists, and this has been verified already by all relevant
entities.
Strongly recommended that placing such a harmful statement on site, should
at least be confirmed with the vendor before being made public.
Zeev Draer
OptiSwitch PM
-------------
>Received: (qmail 3370 invoked from network); 25 Jun 2003 21:07:39 -0000
>Received: from outgoing2.securityfocus.com (205.206.231.26)
> by mail.securityfocus.com with SMTP; 25 Jun 2003 21:07:39 -0000
>Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
> by outgoing2.securityfocus.com (Postfix) with QMQP
> id 117E48F7D7; Wed, 25 Jun 2003 15:07:26 -0600 (MDT)
>Mailing-List: contact bugtraq-help (at) securityfocus (dot) com [email concealed]; run by ezmlm
>Precedence: bulk
>List-Id: <bugtraq.list-id.securityfocus.com>
>List-Post: <mailto:bugtraq (at) securityfocus (dot) com [email concealed]>
>List-Help: <mailto:bugtraq-help (at) securityfocus (dot) com [email concealed]>
>List-Unsubscribe: <mailto:bugtraq-unsubscribe (at) securityfocus (dot) com [email concealed]>
>List-Subscribe: <mailto:bugtraq-subscribe (at) securityfocus (dot) com [email concealed]>
>Delivered-To: mailing list bugtraq (at) securityfocus (dot) com [email concealed]
>Delivered-To: moderator for bugtraq (at) securityfocus (dot) com [email concealed]
>Received: (qmail 15715 invoked from network); 25 Jun 2003 20:57:21 -0000
>Date: Thu, 26 Jun 2003 03:03:55 +0000
>From: CrazZzy Slash <slash (at) istc (dot) kg [email concealed]>
>To: bugtraq (at) securityfocus (dot) com [email concealed]
>Subject: OptiSwitch remote root compromise
>Message-ID: <20030626030355.GA10951 (at) istc (dot) kg [email concealed]>
>Mime-Version: 1.0
>Content-Type: text/plain; charset=us-ascii
>Content-Disposition: inline
>User-Agent: Mutt/1.4i
>
>Hello bugtraq :)
>
>I've found bug in OptiSwitch 400 and 800 series, maybe another series :)
So abou
>t: then you connecting to the switch via telnet or console you may gain
root acc
>ess pressing Crtl+C <cr><cr> so you will :)
>
>Ok here is detailed information...
>
>Manufactor:
>MRV Communications, Inc.
>http://www.mrv.com
>
>Product:
>OptiSwitch 400 / 800 series, possibly others (not tested)
>http://www.mrv.com/products/line/optiswitch.php
>
>Exploit:
>Press Ctrl+C <cr><cr> while connecting to the switch and you're
welcome :) Enjoy
> ;)
>
>Manufactor informed:
>No, too busy for this, only for you bugtraq :)
>
>Date 24.06.2003
>
>slash (at) istc (dot) kg [email concealed]
>
[ reply ]