Ascom Timeplex Router Backdoor
| Description: | You can enter a backdoor 'debug' mode in these routers by sending a bunch of cntrl-d characters to the device. |
| Author: | Brent Huston <bhuston@NETWALK.COM> |
| Compromise: | Change the router setup, this would obviously be bad ;) |
| Vulnerable Systems: | Ascom Timeplex Routers |
| Date: | 15 May 1997 |
Date: Thu, 15 May 1997 16:39:33 -0400
From: Brent Huston <bhuston@NETWALK.COM>
To: BUGTRAQ@NETSPACE.ORG
Subject: MicroSolved finds hole in Ascom Timeplex Router Security
An error in Timeplex Routers allows a user to gain unauthorized access to the device through a special 'debug' mode. This mode allows manipulation of the router at the register level, as well as being able to reset the router or deny service. The 'debug' mode can be entered without logging into the router, by sending a number of cntrl-d sequences to the device. The router will then display it's ip address and other information and drop to a debug prompt.
This information could be used to gain further access to a network, or to change the router setup, or deny service. For further information, please contact Ascom.
MicroSolved is an independant security consulting firm located in Columbus, Ohio. We specialize in security auditing, intrusion detection, and dial-up security. For further information, please contact us via email at bhuston@netwalk.com
The master index of all exploits is available
here (Very large file)
Or you can pick your favorite operating system:
This page is part of Fyodor's exploit
world.
For a free program to automate scanning your network for vulnerable
hosts and services, check out my network mapping tool, nmap. Or try these Insecure.Org resources:
