| VID |
29027 |
| Severity |
40 |
| Port |
23 |
| Protocol |
TCP |
| Class |
TELNET |
| Detailed Description |
The Motorola Vanguard router is configured without password.
The Motorola Vanguard series is a multi-service access routers that supports Small Brach/Home Office(VG 320/340), Medium Branch/Regional Office(VG 6400series), and Large Branch/Central Office(VG 7300series). This device has the port, which can be used as a CTP(Control Terminal Port) for configuration, reporting, and troubleshooting. Once the device is power-up on the network, a remote attacker can access to the CTP when they connects to the CTP by entering "atds0" after the device outputs the OK prompt. It means to gain access to the device without password. Using this vulnerability, a remote attacker can re-configure this device without providing any authentication. |
| Recommendation |
Assign a strong password for this device.
1. Select #8: UPDATE SYSTEM PARAMETERS from the main menu.
2. Then select #1: MANAGER PASSWORD.
3. Type the new password.
You can gain the more information of Vanguard Managed Solutions web site:
http://www.vanguardms.com |
| Related URL |
CVE-1999-0508 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
