|
|
 |
| New User, Welcome! Login |
Re: hacking the mitsubishi GB-50A
| From: |
Chris Withers <chris simplistix co uk> |
| To: |
"Steven M Christey" <coley mitre org> |
| Cc: |
bugtraq securityfocus com |
| Subject: |
Re: hacking the mitsubishi GB-50A |
| Date: |
Wed - Mar 26, 2008 10:34 AM |
Steven M. Christey wrote:
> However, if all dip switches are off, the unit can defer to
> configuration as provided via an "Initial Setting Web".
Yeah, I had no idea what this meant either. Same goes for Mitsubishi's
UK tech support...
> be used to set the IP address (page 13). There is no statement that
> the tool restricts which address can be set, nor is there a
> recommendation that only local addresses should be used.
Indeed.
> It doesn't seem like much of a stretch that an admin might want to
> modify the address to something other than private addresses. Whether
> the Initial Setting Web will allow this is another question, but if
> so, then the scope of attack widens considerably.
Yep. I think the manual should really say "this device should be
connected directly to the ethernet socket of a computer, and that
computer should have locked down software to prevent unauthorised people
bypassing the security on the GB-50A".
I find it slightly scary that someone might have one of these on a
network that controls something like data centre aircon, and that an
attacker can scan for it trivially (what answers on port 80 with a 200
to a GET for /en/administrator.html) and turn off all the aircon in the
data centre...
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
