[NEWS] MTPSR1-120 Firewall Proxy Configuration Software Insecurity

From: support@securiteam.com
Date: 12/12/02

    From: support@securiteam.com
    To: list@securiteam.com
    Date: 12 Dec 2002 18:29:03 +0200
    
    

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com

      MTPSR1-120 Firewall Proxy Configuration Software Insecurity
    ------------------------------------------------------------------------

    SUMMARY

    The <http://www.multitech.com/> MTPSR1-120 Firewall Proxy configuration
    software's defaults do not set a firewall password and allow access via
    the telnet protocol. As a result, the telnet port is left exposed to
    unrestricted remote access. Remote users with malicious intent are
    able to access the firewall and change various configurations, such as IP,
    PPP/SLIP, WAN, Proxy, DHCP and Virtual Server, or reset the firewall.
    Attackers can set their own password and block the web server, and
    registered users can then no longer log in to make changes remotely.

    DETAILS

    Vulnerable systems:
     * MTPSR1-120 Firewall Proxy configuration version 3.0

    Solution:
    Set a password after setup and disable telnet access.

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:cuctema@ok.ru> UkR-XblP UkR
    security team.
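
One way to confirm the solution above on devices you administer, as an added example that is not part of the original advisory: it connects to the telnet port, strips telnet option negotiation, and reports whether the greeting asks for credentials. The function names, result labels and both sample greetings are constructed here, since the advisory does not show the device's actual telnet output.

```python
import socket
IAC, SB, SE = 255, 250, 240           # telnet command bytes (RFC 854)
NEGOTIATE = (251, 252, 253, 254)      # WILL, WONT, DO, DONT: one option byte follows
# Constructed sample greetings; the advisory does not show the device's real output.
SAMPLE_PROTECTED = b"\xff\xfb\x01\xff\xfb\x03\r\nPassword: "
SAMPLE_OPEN = b"\xff\xfb\x01\xff\xfb\x03\r\nConfiguration menu\r\n> "

def strip_telnet_negotiation(data: bytes) -> bytes:
    """Drop IAC command sequences so only the text shown to the user remains."""
    out, i = bytearray(), 0
    while i < len(data):
        if data[i] != IAC:
            out.append(data[i]); i += 1
        elif i + 1 >= len(data):
            break                                  # truncated command
        elif data[i + 1] == IAC:
            out.append(IAC); i += 2                # escaped literal 0xFF
        elif data[i + 1] in NEGOTIATE:
            i += 3
        elif data[i + 1] == SB:                    # subnegotiation runs to IAC SE
            end = data.find(bytes([IAC, SE]), i + 2)
            i = len(data) if end < 0 else end + 2
        else:
            i += 2                                 # two-byte command
    return bytes(out)

def classify_greeting(raw: bytes) -> str:
    text = strip_telnet_negotiation(raw).lower()
    if not text.strip():
        return "inconclusive"
    asks = any(word in text for word in (b"password", b"login", b"username"))
    return "asks-for-credentials" if asks else "no-credential-prompt"

def audit_host(host: str, port: int = 23, timeout: float = 3.0) -> str:
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "telnet-closed"                     # expected once telnet is disabled
    raw = b""
    with sock:
        try:
            while len(raw) < 4096:
                chunk = sock.recv(1024)
                if not chunk:
                    break
                raw += chunk
        except OSError:                            # timeout: device is waiting for input
            pass
    return classify_greeting(raw)
```

A device with the advisory's solution fully applied should report `telnet-closed`; `no-credential-prompt` matches the default state the advisory describes.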



