[ http://www.rootshell.com/ ]

Date: Thu, 10 Dec 1998 15:16:37 +0100
From: "Mr. SteelFire"
Subject: Lousy password handling in BreezeCOM

BreezeCOM adapters are used in wireless LAN environments and like any
communication device (switches, routers etc.) you need a password to
access the adapter. BreezeCOM has chosen to use a burned-in factory
standard password for their adapters, which really is a stupid way to
handle this. They have different passwords for different versions, which
you cannot change, and the passwords are the following:

4.x  Super
3.x  Master
2.x  laflaf

As far as I'm concerned the passwords above work with SA (Station
Adapter) 10, SA 40 and AP (Access Point) 10.

One thing that should be pointed out is that it's not possible to access
the adapters remotely (not telnet etc.) so the security problem is local.

/Steelfire (Not the game, the real me.)

---------------------------------------------------------------------------

Date: Thu, 10 Dec 1998 20:21:43 +0100
From: Thilo Hille
Subject: Re: Lousy password handling in BreezeCOM

As far as I know it's possible to set installer rights via SNMP.
There is also a kind of DoS in the way of updating the firmware.
The TFTP server requires no authorization to upload the firmware and
reset, so someone could easily upload any file.
After that you have to send the affected device to BreezeCOM to get a
new firmware, because the TFTP server is part of the firmware....
The only protection is to set up no IP configuration.

Thilo Hille
Equinoxe Internet Galerie
Adlerstr.7
79098 Freiburg
Fon   : 0761-382263
Fax   : 0761-382265
email : hille@equinoxe.de
***** www.equinoxe.de *******