Overview
The OmniSwitch 7700/7800 running Alcatel Operating System (AOS) version 5.1.1 has a telnet server listening on TCP port 6778. This gives anyone access to the OmniSwitch's VxWorks operating system without requiring a password.
Description
During an NMAP audit of the AOS 5.1.1 code that runs on the Alcatel OmniSwitch 7700/7800 LAN switches, it was determined that a telnet server was listening on TCP port 6778. This server was used during development to access the Wind River VxWorks operating system. Due to an oversight, this access was not removed prior to product release.
Impact
Anyone running NMAP against a switch running AOS 5.1.1 will see port 6778 listening. An attacker can then telnet to the port and access the OmniSwitch operating system without a password. This backdoor compromises the entire system.
Solution
1) Immediate - create an ACL blocking all access to TCP port 6778.
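One way to confirm the ACL is effective, as an added example that is not part of the original advisory: a Python check that attempts a TCP connection to port 6778 on each switch management address you administer and reports whether the port is open, closed or filtered. The function names and the loopback demo are assumptions made for illustration.

```python
import socket

BACKDOOR_PORT = 6778  # TCP port named in this advisory


def probe(host, port=BACKDOOR_PORT, timeout=2.0):
    """Classify one TCP connect attempt as 'open', 'closed' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed: service is reachable
    except ConnectionRefusedError:
        return "closed"          # reset received: nothing is listening
    except OSError:
        return "filtered"        # timeout or unreachable: packets were dropped


def audit(hosts, port=BACKDOOR_PORT, timeout=2.0):
    """Map each switch management address to its probe result."""
    return {host: probe(host, port, timeout) for host in hosts}


def exposed(results):
    """Return the addresses where the port still accepts connections."""
    return sorted(h for h, state in results.items() if state == "open")


if __name__ == "__main__":
    # Constructed demo: a loopback listener on an ephemeral port stands in
    # for a switch without the ACL, so the script runs offline.
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(8)
    demo_port = srv.getsockname()[1]
    print("before ACL:", audit(["127.0.0.1"], port=demo_port))
    srv.close()  # stands in for the port no longer being reachable
    print("after ACL: ", audit(["127.0.0.1"], port=demo_port))
```

Run it from a network segment the ACL is meant to block, passing your own inventory of switch addresses to `audit()`; any address returned by `exposed()` still needs the ACL applied.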
Acknowledgements
Thanks to Alcatel for reporting this vulnerability.
This document was written by Alcatel's Olivier Paridaens and Jeff Hayes. This document was published by Ian A. Finlay.
Other Information
| CVE IDs: | CVE-2002-1272 |
| CERT Advisory: | CA-2002-32 |
| Severity Metric: | 49.50 |
| Date Public: | 2002-11-20 |
| Date First Published: | 2002-11-20 |
| Date Last Updated: | 2002-11-21 18:09 UTC |
| Document Revision: | 20 |