Forwarded From: "Prosser, Mike" <Mike_Prosser@tds.com>
http://www.techweb.com/wire/story/TWB19980515S0012
3Com Issues Security Fix To LAN Switches
(05/15/98; 2:04 p.m. EST)
By Jeff Caruso, InternetWeek
3Com Friday advised users to close a security "back door" to some
CoreBuilder and SuperStack II LAN switches, adding that a software fix
will be ready on May 20.
The door was thrown wide open when special login names and passwords
were distributed on Internet chat groups. These special logins were
intended to give 3Com customer service representatives access to the
switches for configuration and analysis if a user loses a password. Now,
almost anyone can get in.
3Com has advised users log in to their switches using the special
logins, then change the password. Here are the special logins:
For the CoreBuilder 6000/2500 or the SuperStack II 2200, the user name
is "debug" and the password is "synnet"; for the CoreBuilder 7000 or the
SuperStack II Switch 2700, the user name is "tech" and the password is
"tech."
3Com said the CoreBuilder 3500 and SuperStack II Switch 3900 and 9300
also have these mechanisms, but noted the special login password always
matches the admin password.
3Com further advised users change the Simple Network Management Protocol
(SNMP) Community string from the default to a confidential identifier
chosen by the network manager. The admin password is available through
an MIB variable when accessed through the read/write SNMP Community
string, 3Com said. This problem affects the CoreBuilder 2500/6000/3500
and SuperStack II Switch 2200/3900/9300.
The advisory is posted at www.3com.com/news/advisory51498.html
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Wed May 20 11:17:46 1998