Ascom Timeplex Router Backdoor

Summary
Description:You can enter a backdoor 'debug' mode in these routers by sending a bunch of cntrl-d characters to the device.
Author:Brent Huston <bhuston@NETWALK.COM>
Compromise:Change the router setup, this would obviously be bad ;)
Vulnerable Systems:Ascom Timeplex Routers
Date:15 May 1997
Details


Date: Thu, 15 May 1997 16:39:33 -0400
From: Brent Huston <bhuston@NETWALK.COM>
To: BUGTRAQ@NETSPACE.ORG
Subject: MicroSolved finds hole in Ascom Timeplex Router Security

An error in Timeplex Routers allows a user to gain unauthorized access to the device through a special 'debug' mode. This mode allows manipulation of the router at the register level, as well as being able to reset the router or deny service. The 'debug' mode can be entered without logging into the router, by sending a number of cntrl-d sequences to the device. The router will then display it's ip address and other information and drop to a debug prompt.

This information could be used to gain further access to a network, or to change the router setup, or deny service. For further information, please contact Ascom.

MicroSolved is an independant security consulting firm located in Columbus, Ohio. We specialize in security auditing, intrusion detection, and dial-up security. For further information, please contact us via email at bhuston@netwalk.com

More Exploits!

The master index of all exploits is available here (Very large file)
Or you can pick your favorite operating system:
All OS's Linux Solaris/SunOS Micro$oft
*BSD Macintosh AIX IRIX
ULTRIX/Digital UNIX HP/UX SCO Remote exploits

This page is part of Fyodor's exploit world. For a free program to automate scanning your network for vulnerable hosts and services, check out my network mapping tool, nmap. Or try these Insecure.Org resouces:

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]