Vulnerability: Microcom

Affected: Compaq/Microcom 6000 integrators

Description: Alec Kosky found the following. There is a DoS as well as a brute-force password attack on these systems (4.0.13 for MNC and PRI card). The denial of service problem is this: there is no timeout when typing in the username and password - from what I have seen, a user can make a telnet connection to the MNC or PRI card and leave the connection open indefinitely. If the user only has one connection open, then this is not a problem. However, the system will not accept more than 4 telnet connections at one time. Thus, a malicious user/hacker could open 4 telnet connections to either (or both) cards and deny all legitimate connections to the card. The other problem is that the system does not close the connection after a specified number of invalid login attempts. A program such as 'crack' could be modified to work over a network and attempt to guess the administrator's password. Assuming that since the 6000 Access Integrator is their flagship model, these problems are present in all Access Integrator models.

Solution: Microcom support advises people to turn off telnet access. That's it - there was a message in their call reference that there are no plans to upgrade or modify the pShell (pSOS).
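Since the card itself enforces neither a login-prompt timeout nor a failed-login lockout, the practical compensating control (besides disabling telnet as the vendor advises) is to watch the management port from outside. The following is an added example, not code from the advisory or from Microcom: it runs simple detection logic over a constructed connection log (a firewall or syslog relay in front of the card is assumed to record CONNECT / LOGIN_FAIL / LOGIN_OK / DISCONNECT events on TCP/23 with a session id) and flags the three conditions the advisory describes - a card reaching its 4-session limit, sessions parked at the login prompt past an idle threshold, and repeated failed logins from one source. The log format, field names and the idle and failure thresholds are assumptions chosen for the example.

```python
"""Detection of telnet session exhaustion and unguarded password guessing
against a management card that has no idle timeout and no lockout.
Added example; the log format and thresholds below are constructed."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: one host parks four sessions at the MNC login
# prompt, a second host hammers the PRI login, a third logs in normally.
SAMPLE_LOG = """\
2000-05-01T10:00:00 10.0.0.7 CONNECT mnc sess=1
2000-05-01T10:00:01 10.0.0.7 CONNECT mnc sess=2
2000-05-01T10:00:02 10.0.0.7 CONNECT mnc sess=3
2000-05-01T10:00:03 10.0.0.7 CONNECT mnc sess=4
2000-05-01T10:00:10 192.168.1.5 CONNECT pri sess=5
2000-05-01T10:00:11 192.168.1.5 LOGIN_FAIL pri sess=5
2000-05-01T10:00:12 192.168.1.5 LOGIN_FAIL pri sess=5
2000-05-01T10:00:13 192.168.1.5 LOGIN_FAIL pri sess=5
2000-05-01T10:00:14 192.168.1.5 LOGIN_FAIL pri sess=5
2000-05-01T10:00:15 192.168.1.5 LOGIN_FAIL pri sess=5
2000-05-01T10:00:16 192.168.1.5 LOGIN_FAIL pri sess=5
2000-05-01T10:00:20 10.0.0.9 CONNECT pri sess=6
2000-05-01T10:00:22 10.0.0.9 LOGIN_OK pri sess=6
2000-05-01T10:00:30 10.0.0.9 DISCONNECT pri sess=6
2000-05-01T10:30:00 10.0.0.7 DISCONNECT mnc sess=1
"""

MAX_SESSIONS = 4                   # per-card telnet limit stated in the advisory
IDLE_LIMIT = timedelta(minutes=5)  # assumed threshold; the card enforces none
FAIL_THRESHOLD = 5                 # assumed threshold; the card enforces none


def parse(line):
    """Split one constructed log line into (time, src, event, card, sess)."""
    ts, src, event, card, sess = line.split()
    return datetime.fromisoformat(ts), src, event, card, int(sess.split("=")[1])


def analyze(log_text, now_iso):
    """Return a sorted list of (alert_kind, subject) tuples for the log.

    now_iso is the evaluation time (ISO 8601) used to judge idle sessions."""
    now = datetime.fromisoformat(now_iso)
    open_since = {}               # sess -> (card, src, connect time)
    authenticated = set()         # sessions that completed a login
    failures = defaultdict(int)   # (src, card) -> failed login count
    alerts = set()
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ts, src, event, card, sess = parse(raw)
        if event == "CONNECT":
            open_since[sess] = (card, src, ts)
            live = sum(1 for c, _, _ in open_since.values() if c == card)
            # The card refuses a 5th session, so reaching the limit is the
            # moment legitimate administrators are locked out.
            if live >= MAX_SESSIONS:
                alerts.add(("session_exhaustion", card))
        elif event == "LOGIN_FAIL":
            failures[(src, card)] += 1
            if failures[(src, card)] >= FAIL_THRESHOLD:
                alerts.add(("password_guessing", src))
        elif event == "LOGIN_OK":
            authenticated.add(sess)
        elif event == "DISCONNECT":
            open_since.pop(sess, None)
            authenticated.discard(sess)
    # Sessions still open that never authenticated are sitting at the
    # username/password prompt, which the card will never time out.
    for sess, (card, src, ts) in open_since.items():
        if sess not in authenticated and now - ts > IDLE_LIMIT:
            alerts.add(("idle_at_login_prompt", src))
    return sorted(alerts)


def run_sample():
    """Evaluate the constructed sample one minute after its last event."""
    return analyze(SAMPLE_LOG, "2000-05-01T10:31:00")


if __name__ == "__main__":
    for kind, subject in run_sample():
        print(f"{kind}: {subject}")
```

An alert of kind session_exhaustion is the one to page on, since at that point no administrator can reach the card until a session drops; the idle_at_login_prompt and password_guessing alerts identify which source a perimeter filter should drop, which is the only enforcement point available given that the vendor does not plan to change the card's own shell.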