-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hewlett Packard AdvanceStack Switch Management Authentication Bypass Vulnerability

Type:
Access Validation Error

Release Date:
February 8, 2002

Product / Vendor:
HP AdvanceStack 10Base-T Switching Hubs combine economical 10Base-T functionality with the performance of switching. Each switching hub starts out as a simple, single-segment, shared 10Base-T hub.

http://www.hp.com

Summary:
A problem with the HP switch allows some users to change the configuration of the switch. A bug introduced in the HP AdvanceStack J3210A could allow users full access to the switch. By taking advantage of this vulnerability, a user could change the configuration of the switch and change the admin password. Therefore, it is possible for a user with unprivileged access to the switch to change the superuser password, gain elevated privileges, and potentially change the configuration of the switch.

Exploit:
An attacker can get unauthorized access to the switch's read/write password change page, http://host/security/web_access.html, and change the superuser password, then connect with superuser privileges via Web or Telnet.

Tested:
HP J3210A AdvanceStack

Vulnerable:
HP J3210A AdvanceStack

Disclaimer:
http://www.securityoffice.net is not responsible for the misuse or illegal use of any of the information and/or the software listed on this security advisory.

Author:
Tamer Sahin
ts@securityoffice.net
http://www.securityoffice.net

PGP Key ID: 0x2B5EDCB0

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPGOBeruLpFMrXtywEQKW3wCgqbksI86Ux1LfIDwmI7jyq3jX3JgAoPAB
lOcQNvFblLfg5xdxVm405wto
=d4o/
-----END PGP SIGNATURE-----
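
A detection check for the behaviour described in the advisory above, as an added example that is not part of the original advisory: it flags successful requests to the password-change page that carry no authenticated user. It assumes the switch's web management interface is reached through a proxy that writes Common Log Format; the function name, allowlist parameter, addresses and log lines are constructed for illustration.

```python
import re

# The path is the one named in the advisory; everything else is an assumption.
SENSITIVE_PATH = "/security/web_access.html"

# Common Log Format: host ident authuser [date] "METHOD path PROTO" status bytes
CLF = re.compile(
    r'^(?P<src>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)

def find_unauthenticated_hits(lines, allowed_sources=frozenset()):
    """Return one finding per 2xx request to the password-change page that
    has no authenticated user and does not come from an allowlisted source."""
    findings = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # not a CLF line, ignore
        # Drop any query string and compare case-insensitively.
        path = m["path"].split("?", 1)[0].lower()
        if path != SENSITIVE_PATH:
            continue
        status = int(m["status"])
        if m["user"] != "-" or not 200 <= status < 300:
            continue  # authenticated, or the device refused the request
        if m["src"] in allowed_sources:
            continue  # known management station
        findings.append({"src": m["src"], "ts": m["ts"],
                         "method": m["method"], "status": status})
    return findings

# Constructed sample log (documentation address ranges).
SAMPLE_LOG = [
    '192.0.2.10 - admin [08/Feb/2002:10:01:12 +0000] "GET /security/web_access.html HTTP/1.0" 200 2310',
    '198.51.100.23 - - [08/Feb/2002:10:04:55 +0000] "GET /security/web_access.html HTTP/1.0" 200 2310',
    '198.51.100.23 - - [08/Feb/2002:10:05:20 +0000] "POST /security/web_access.html HTTP/1.0" 200 512',
    '198.51.100.40 - - [08/Feb/2002:10:06:01 +0000] "GET /security/web_access.html HTTP/1.0" 401 0',
    '198.51.100.23 - - [08/Feb/2002:10:06:30 +0000] "GET /index.html HTTP/1.0" 200 900',
]

if __name__ == "__main__":
    for hit in find_unauthenticated_hits(SAMPLE_LOG):
        print("ALERT", hit)
```

A POST finding means the password form was submitted without authentication, so treat it as a possible superuser password change and review later Web and Telnet logins to that switch.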