In association with heise online

27 May 2011, 15:33

Allied Telesis divulges secret backdoor

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Zoom Allied Telesis explains how to access its equipment.

Allied Telesis accidentally put information about the backdoors present in all of its products into the support area on its web site. The Japanese manufacturer of network equipment describes how locked out users can, depending on the device, gain access with a standard login. In other cases, the MAC address can be used to generate the password for the backdoor. The manufacturer even offered the requisite password lists and generators as downloads. The instructions can be found through Google, though they are now only in Google's cache; the information has since been removed from the web site.

The last paragraph makes it clear that publication must have been unintentional: "PLEASE NOTE the Backdoor Passwords listed here are INTERNAL ONLY. Do not give this information freely to any customer as this can compromise a network."


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit