Samsung SmartEther SS6215S Switch

From: Kyle Duren (acidrain_ask_at_pixitha.com)
Date: 04/26/04

  • Next message: K. K. Mookhey: "Re: New Paper - SQL Injection Signatures Evasion"
    Date: 26 Apr 2004 01:07:42 -0000
    To: bugtraq@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is)

    There is a vulnerability within the OS that this (and other) samsung
    managed switches. The problem resides in the way that the admin user
    is authenticated when trying to login using telnet (remote) or from
    console (local). Now just so everyone who reads this knows, I am not
    that up to date on all of these terms for this such thing.

    Example:

    Trying 192.168.0.2...
    Connected to 192.168.0.2.
    Escape character is '^]'.

                    Samsung Electronics Co., Ltd.
                     Enterprise Network Division
                          SmartEther Switch
    login : admin
    password: ****************
    error: Password not matched.
    password:

    admin>

    If you try to login as the "admin" user, and you do not have the
    password, then all you need to do, is to type "admin" and then for the
    password, use any combination of letters or numbers or !@#$%^&*, as
    long as it fills up the entire "space" for the password it will work.
    Then you hit enter again, after it tells you the password is incorrect.
    You are now logged in. This works via telnet or via local
    (hyperterminal). However this does not work, if you fill all of the
    password space, and then delete one character.I have tried this on 2
    SS6215S 16 port layer 2 managed switches and it works on both every
    time.

    This will not however let you "set" the admin password once you have
    logged in. Example:

    admin> passwd
    old password : ****************
    error: old password is not matched
    admin>

    If anyone has any other models of these switches or hubs I'd like to see
    if this problem exists in other models.

    -
    Kyle Duren


  • Next message: K. K. Mookhey: "Re: New Paper - SQL Injection Signatures Evasion"

    Relevant Pages

    • Re: getting me ducks in a row - concepts
      ... Don't create local login accounts for users, ... >> admin types know the local administrator credentials on all PCs. ... You don't load QB on the server - the registry keys or files/folders would ...
      (microsoft.public.windows.server.sbs)
    • User Management Question
      ... I have one user login whose name is "Admin" - and another user login ... documents and settings in my "Admin" ... folders in the folder. ...
      (microsoft.public.windowsxp.general)
    • User Management Question
      ... I have one user login whose name is "Admin" - and another user login ... documents and settings in my "Admin" ... folders in the folder. ...
      (microsoft.public.windowsxp.customize)
    • User Management Question
      ... I have one user login whose name is "Admin" - and another user login ... documents and settings in my "Admin" ... folders in the folder. ...
      (microsoft.public.windowsxp.customize)
    • User Management Question
      ... I have one user login whose name is "Admin" - and another user login ... documents and settings in my "Admin" ... folders in the folder. ...
      (microsoft.public.windowsxp.newusers)