Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Jacek Lipkowski (sq5bpfACID.CH.PW.EDU.PL)
Date: Sun Mar 25 2001 - 03:53:52 CST
Crosscomm/Olicom routers have a undocumented community string ILMI
(yes, the same as in cisco :) that has read and write permissions (i
didn't check the whole tree, but you can set system.sysContact.0 for
example). This was checked on a XLT-F router with software 'XL 80 IM
Version 5.5 Build Level 2' (this was what it reported via snmp).
The vendor hasn't been notified, as it doesn't exist (olicom sold their
router business to Intel, don't know what happened to it later).
You can consider this a serious vulnerability, because people will find it
while looking for vulnerable cisco routers.