In-Reply-To: <20030626030355.GA10951@istc.kg> This is clearly a malicious attempt to harm company product. No such hack exists, and this has been verified already by all relevant entities. Strongly recommended that placing such a harmful statement on site, should at least be confirmed with the vendor before being made public. Zeev Draer OptiSwitch PM ------------- >Received: (qmail 3370 invoked from network); 25 Jun 2003 21:07:39 -0000 >Received: from outgoing2.securityfocus.com (205.206.231.26) > by mail.securityfocus.com with SMTP; 25 Jun 2003 21:07:39 -0000 >Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) > by outgoing2.securityfocus.com (Postfix) with QMQP > id 117E48F7D7; Wed, 25 Jun 2003 15:07:26 -0600 (MDT) >Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm >Precedence: bulk >List-Id: <bugtraq.list-id.securityfocus.com> >List-Post: <mailto:bugtraq@securityfocus.com> >List-Help: <mailto:bugtraq-help@securityfocus.com> >List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> >List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com> >Delivered-To: mailing list bugtraq@securityfocus.com >Delivered-To: moderator for bugtraq@securityfocus.com >Received: (qmail 15715 invoked from network); 25 Jun 2003 20:57:21 -0000 >Date: Thu, 26 Jun 2003 03:03:55 +0000 >From: CrazZzy Slash <slash@istc.kg> >To: bugtraq@securityfocus.com >Subject: OptiSwitch remote root compromise >Message-ID: <20030626030355.GA10951@istc.kg> >Mime-Version: 1.0 >Content-Type: text/plain; charset=us-ascii >Content-Disposition: inline >User-Agent: Mutt/1.4i > >Hello bugtraq :) > >I've found bug in OptiSwitch 400 and 800 series, maybe another series :) So abou >t: then you connecting to the switch via telnet or console you may gain root acc >ess pressing Crtl+C <cr><cr> so you will :) > >Ok here is detailed information... > >Manufactor: >MRV Communications, Inc. >http://www.mrv.com > >Product: >OptiSwitch 400 / 800 series, possibly others (not tested) >http://www.mrv.com/products/line/optiswitch.php > >Exploit: >Press Ctrl+C <cr><cr> while connecting to the switch and you're welcome :) Enjoy > ;) > >Manufactor informed: >No, too busy for this, only for you bugtraq :) > >Date 24.06.2003 > >slash@istc.kg >
