[ http://www.rootshell.com/ ]

Date:         Thu, 10 Dec 1998 15:16:37 +0100
From:         "Mr. SteelFire" <steelfire@PLUTTEN.HL.LU.SE>
Subject:      Lousy password handling in BreezeCOM

BreezeCOM adapters are used in wireless LAN environments and like any
communication device (switches, routers etc.) you need a password to access
the adapter.

BreezeCOM has choosed to use a burned-in factory standard password for their
adapters which really is a stupid way to handle this. They have different
passwords for different version which you cannot change and the passwords
are the following:

4.x     Super
3.x     Master
2.x     laflaf

As far as I'm concerned the passwords above works with SA (Station Adapter)
10, SA 40 and AP (Access Point) 10. One thing that should be pointed out is
that it's not possible to access the adapters remote (not telnet etc.) so
the security problem is local.

/Steelfire
(Not the game, the real me.)

---------------------------------------------------------------------------

Date:         Thu, 10 Dec 1998 20:21:43 +0100
From:         Thilo Hille <hille@DARKGATE.EQUINOXE.DE>
Subject:      Re: Lousy password handling in BreezeCOM

as far as i know its possible to set installerrights via snmp. there is also
a kind of DOS in the way of updating the firmware. the tftpserver requires
no authorization to upload the firmware and reset. so someone could easily
upload any file. after that you have to send the affected device to
breezecom to get a new firmware cause the tftpserver is part of the
firmware....

the only protection is to set up no ip-configuration.


Thilo Hille
Equinoxe Internet Galerie
Adlerstr.7
79098 Freiburg

Fon   : 0761-382263
Fax   : 0761-382265
email : hille@equinoxe.de
***** www.equinoxe.de *******