s0nIc
February 22nd, 2002, 02:45 AM
Alcatel OmniPCX Password File Encrypted Password Access Vulnerability
By default, OmniPCX does not use shadowed passwords. While this is not inherently a vulnerability as OmniPCX systems are not designed for multi-user access, this problem can lead to issues such as local privilege access and elevation when combined with issues such as Bugtraq ID 4127, "Alcatel OmniPCX Default Passwords Vulnerability."
If a remote user is able to gain access to the system via some unprivileged account, it is possible for the user to retrieve the encrypted password hashes and launch a brute force crack attack against them offline. This may be a Chorus OS problem, currently maintained by Sun Microsystems.
Remote: No
Exploit: No exploit is required for this vulnerability.
Reason: Software Designers didn't think much about the security.
By default, OmniPCX does not use shadowed passwords. While this is not inherently a vulnerability as OmniPCX systems are not designed for multi-user access, this problem can lead to issues such as local privilege access and elevation when combined with issues such as Bugtraq ID 4127, "Alcatel OmniPCX Default Passwords Vulnerability."
If a remote user is able to gain access to the system via some unprivileged account, it is possible for the user to retrieve the encrypted password hashes and launch a brute force crack attack against them offline. This may be a Chorus OS problem, currently maintained by Sun Microsystems.
Remote: No
Exploit: No exploit is required for this vulnerability.
Reason: Software Designers didn't think much about the security.