
POCSAG 2.05 remote access vulnerability
Vulnerability

    pocsag

Affected

    Pocsag v2.05

Description

    Kuji found the following.  While playing with the ever-fun tool
    Pocsag v2.05, he found something interesting.  The client by
    default accepts connections on port 8000 with the password
    'password', even if the "TCP/IP Remote access on port xxxx" box is
    unchecked.  You can change the default port, but the client will
    still accept connections on the new port even if you think access
    is disabled.  Example:

        firewalker> telnet 127.1 8000

        POC32 2.05 (SHAREWARE) Remote Access Interface

        Password: <enter 'password' here>
        Password not accepted.

        Password:
        Password accepted.

    You don't seem to be able to do much more than view the streams of
    decoded pager messages, but one would still rather know what
    connections it is enabling.
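
    A way to check whether the remote access interface is answering on
    a host you run, regardless of what the checkbox shows (an added
    example, not part of the original advisory or of Pocsag; the
    function names are hypothetical, and the banner marker is taken
    from the session above).  It only connects and reads the greeting:

```python
import socket
import threading

# Greeting text as shown in the advisory's telnet session.
BANNER_MARKER = b"Remote Access Interface"


def probe_remote_access(host="127.0.0.1", port=8000, timeout=3.0):
    """Classify a TCP port as 'closed', 'pocsag' or 'other'.

    Connects and reads the greeting only; nothing is sent to the service.
    """
    data = b""
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            try:
                while BANNER_MARKER not in data and len(data) < 1024:
                    chunk = conn.recv(256)
                    if not chunk:
                        break
                    data += chunk
            except (socket.timeout, ConnectionError):
                pass  # silent or reset service: judge on what was received
    except OSError:
        return "closed"  # refused, unreachable or filtered
    return "pocsag" if BANNER_MARKER in data else "other"


def serve_banner_once(banner):
    """Constructed stand-in listener for offline runs; returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def handle():
        conn, _ = srv.accept()
        with conn, srv:
            conn.sendall(banner)

    threading.Thread(target=handle, daemon=True).start()
    return srv.getsockname()[1]


if __name__ == "__main__":
    # Port 8000 is the default named in the advisory; use the configured
    # port instead if it was changed.
    print("port 8000:", probe_remote_access(port=8000))
```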

Solution

    Set a new password for remote access, and be aware that the box
    does not stop someone from trying to brute-force it.

        firewalker> telnet 127.1 8000

        POC32 2.05 (SHAREWARE) Remote Access Interface

        Password: <enter 'new password' here>
        Password not accepted.

        Password:
        Password not accepted.

        Password:
