RE: PBX Security

From: Jonathan Rickman (jonathan@xcorps.net)
Date: Mon Feb 10 2003 - 18:22:04 EST


On Sun, 9 Feb 2003, Thomas Porter, Ph.D. wrote:

> My point is: Some vendors are beginning to realize how target-rich this
> environment is, and they are taking the appropriate steps in order to
> address the cognate security issues.

Then perhaps you can explain why an Avaya Intuity VM system purchased less
than 6 months ago is running exactly as described below...

> A recent pen test revealed several pieces of Avaya/Lucent/AT&T equipment
> running everything....echo, chargen, telnet, ftp, sendmail, portmapper,
> etc etc etc all buggy and unconfigured. If I crack the box (which
> appears to be a cakewalk) I have complete control over an unmonitored
> Unix platform. Great for hiding out, launching other attacks, storing
> files etc. Further I can control the telephony system via that IP
> connection by directly changing configuration files.

...and Avaya pretty much told the customer to pack sand when they asked for
the root password to secure the box themselves. In this case, it may very
well cost the reseller a customer, because when the customer threatened to
leverage their physical access to break root for themselves, Avaya balked
and told the reseller they were on their own. Any such changes would void
the service contract. The box was a default install all the way, with the
sole exception (apparently) of the pop3 daemon. Can't recall the
specifics, but if I remember correctly, it was an older version of SCO
UnixWare.

--
Jonathan Rickman
X Corps Security
http://www.xcorps.net