| VID | 29090 |
| Severity | 40 |
| Port | 80 |
| Protocol | TCP |
| Class | WWW |
| Detailed Description |
The 3Com network equipment has a web management interface enabled with default passwords. 3Com products are often shipped with default passwords, which could allow unauthorized access. A remote attacker could use these default passwords to gain remote access to your switch and then reconfigure it. The following are well-known default logins for 3Com equipment:
Username: admin, Password: <blank>
Username: tech, Password: <blank>
Username: adm, Password: <blank>
Username: admin, Password: synnet
Username: debug, Password: synnet
Username: tech, Password: tech
Username: read, Password: synnet
Username: write, Password: synnet
Username: monitor, Password: monitor
Username: manager, Password: manager
Username: security, Password: security
* References:
  http://www.phenoelit.de/dpl/dpl.html
  http://www.securiteam.com/securitynews/5RR080A1TS.html
  http://www2.fedcirc.gov/alerts/advisories/1998/txt/fedcirc.98.42.txt
  http://www.ciac.org/ciac/bulletins/i-052.shtml
  http://www.cotse.com/sw/router/3com-superstack.txt
* Platforms Affected:
  3Com CoreBuilder 7000/6000/3500/2500: Any version
  3Com SuperStack II Switch 2200/2700: Any version
  3Com LinkSwitch 2000/2700: Any version
  3Com LANplex 2500: Any version
  3Com CellPlex 7000: Any version
  Various 3Com network equipment |
| Recommendation |
Change all default passwords to 'non-guessable' ones and remove any 'backdoor' accounts.
Disable any unnecessary services such as a web server. Avoid using web management interfaces and insecure protocols such as SNMPv1.
Contact your vendor for more details. |
| Related URL | CVE-1999-0508 (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | 1374 (ISS) |