RE: Backdoor in Fortinetīs firewall Fortigate

• Previous message: Boren, Rich (SSRT): "[security bulletin] SSRT5962 rev.0 HP OpenView Radia mgmt - Remote access and DoS"
• Maybe in reply to: Johan Andersson: "Backdoor in Fortinetīs firewall Fortigate"
• Next in thread: Michael J McCafferty: "Re: Backdoor in Fortinetīs firewall Fortigate"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 2 Jun 2005 12:01:32 -0700
To: "Johan Andersson" <andersson@one.se>, <bugtraq@securityfocus.com>

I fail to see how this is a "backdoor".

This is how one would reset their master password on the device.

Physical access always trumps all other forms of security.

Cisco routers can have their password reset if you gain physical access to them as well.

And (if nothing else), this method is not new, and is well documented by Fortigate.

Matt Gibson - GSEC FCSE

-----Original Message-----
From: Johan Andersson [mailto:andersson@one.se]
Sent: June 1, 2005 4:10 PM
To: bugtraq@securityfocus.com
Subject: Backdoor in Fortinetīs firewall Fortigate

If you have console access to this box, you are able to get root access
or more by using the Username: maintainer
Password: pbcpbn[here should you type the serialnr. of the box, the
characters should be in Capital letters.]
FortiOS: 2.x

Regards
Johan Andersson
Atea Security, Sweden
Phone: +46-709-19 71 76
Mail: johan.andersson@atea.com

• Previous message: Boren, Rich (SSRT): "[security bulletin] SSRT5962 rev.0 HP OpenView Radia mgmt - Remote access and DoS"
• Maybe in reply to: Johan Andersson: "Backdoor in Fortinetīs firewall Fortigate"
• Next in thread: Michael J McCafferty: "Re: Backdoor in Fortinetīs firewall Fortigate"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]