[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers
- To: Sabahattin Gucukoglu <mail-dated-1288560724.e8794a@xxxxxxxxxxxxxxxxxxxxxxxx>, "braillenote@xxxxxxxxxxxxxxxxxx" <braillenote@xxxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- Date: Fri, 1 Oct 2010 21:57:02 +0000
⠠⠊⠋ ⠃⠁⠙ ⠛⠥⠽⠎ ⠁⠗⠑ ⠕⠝ ⠽⠕⠥⠗ ⠝⠑⠞⠺⠕⠗⠅, ⠽⠕⠥ ⠼⠚⠼⠉⠼⠊;⠗⠑ ⠎⠉⠗⠑⠺⠑⠙ ⠁⠝⠽⠺⠁⠽
t
>-----Original Message-----
>From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx [mailto:full-disclosure-
>bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Sabahattin Gucukoglu
>Sent: Friday, October 01, 2010 2:32 PM
>To: braillenote@xxxxxxxxxxxxxxxxxx
>Cc: full-disclosure@xxxxxxxxxxxxxxxxx; bugtraq@xxxxxxxxxxxxxxxxx; me-
>mates@xxxxxxxxxxxxxxxxxxxxxxxx; support@xxxxxxxxxxxxx
>Subject: [Full-disclosure] Warning: BrailleNote Apex Offers Read/Write FTP
>And Telnet Access To All Comers
>
>BrailleNote Apex offers telnet and FTP access on the standard ports, with
>read/write privilege on the entire file system, to all comers. No
>authentication is required. BrailleNote is unsafe on any network whose
>devices you are not in full charge of, and which (by NAT or firewall) does not
>protect BrailleNote from the Internet.
>
>I am happy and sad. In a chance port scan of my entire network looking for
>interesting services and protocols that were not accounted for by visible
>configuration options in all my devices, I found this disaster staring me in
>the
>face on the least likely candidate of them all. On the one hand, now I don't
>need ActiveStink in order to access my files, over the network, from my Mac.
>I want these services running, for sure (maybe just FTP) but dammit,
>authentication first! On the other hand, there is no doubt my trust in
>HumanWare is badly dented, as I was clearly optimistic that they would, and
>did, do the right thing and secure the device firmware before shipping it.
>Anonymous FTP and telnet are obvious, easily found and effectively
>exploited. If it isn't configurable, it shouldn't be enabled. I am quite
>sure this
>was the case before now. The most likely explanation is a build with a test
>configuration and services for development still in use on the newest model;
>the USB vendor string is further evidence of this. Note to self: that popular
>expression about assumptions turns out to be true.
>
>KeySoft version 9.0.2 build 756, Windows CE 6.0, with telnet and FTP services.
>
>While we await an update that either disables the services or allows the user
>to specify the authentication credentials, do not use your BrailleNote Apex on
>any untrusted network, or if you are network administrator, temporarily
>prohibit these devices from connecting to your networks. If "Bad guys" are on
>your network, the BrailleNote Apex is, alas, easy meat.
>
>Cheers,
>Sabahattin
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/