Alcatel Operating System
Created 11/22/02
CAN 2002-1272
Impact
Exploitation of a backdoor in Alcatel Operating System (AOS) version 5.1.1
could lead to full administrative control of the device running AOS, e.g.,
switches in the Alcatel OmniSwitch 7000 series.
Background
AOS typically runs on network infrastructure devices, such as the
Alcatel OmniSwitch 7000 series switch.
The Problem
While performing a routine audit of AOS 5.1.1 running on Alcatel OmniSwitch
7700/7800 LAN switches, Alcatel determined that a telnet server was running on
port 6778. This telnet server was used during system development, and was
inadvertently not removed at the time of product release. Since the telnet
server has no password, an attacker can gain full access to any device running
AOS version 5.1.1. This could result in unauthorized access, unauthorized
monitoring, information leakage, or denial of service.
Resolution
Upgrade to AOS 5.1.1.R02 or AOS 5.1.1.R03 by contacting Alcatel's
Customer Support.
In the interim, it may be helpful to block access to port 6778/TCP at your
network perimeter.
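To check that the interim perimeter block is actually effective, the following added example (not part of the original advisory) classifies firewall flow records for 6778/TCP destined to switch addresses. The log format, the address ranges and the verdict names are assumptions made for illustration.

```python
import csv
import io
import ipaddress

BACKDOOR_PORT = 6778  # TCP port of the leftover telnet server in the advisory
# Assumptions (placeholders, not from the advisory): where the switches sit
# and which source ranges count as inside the perimeter.
SWITCH_NETS = [ipaddress.ip_network("10.20.0.0/24")]
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
# Constructed sample records: time,src,dst,proto,dport,action
SAMPLE_LOG = """\
2002-11-22T10:00:01,203.0.113.7,10.20.0.5,tcp,6778,deny
2002-11-22T10:00:09,198.51.100.23,10.20.0.5,tcp,6778,allow
2002-11-22T10:01:30,10.1.4.18,10.20.0.6,tcp,6778,allow
2002-11-22T10:02:11,203.0.113.7,10.20.0.5,tcp,23,deny
2002-11-22T10:03:45,198.51.100.23,10.30.0.9,tcp,6778,allow
2002-11-22T10:04:02,203.0.113.7,10.20.0.5,udp,6778,allow
"""

def in_any(addr, nets):
    return any(addr in net for net in nets)

def classify(log_text):
    """Return (time, src, dst, verdict) for each TCP/6778 flow to a switch."""
    findings = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 6:
            continue  # malformed record: skip rather than guess
        ts, src, dst, proto, dport, action = (f.strip() for f in row)
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        except ValueError:
            continue
        if proto.lower() != "tcp" or dport != str(BACKDOOR_PORT):
            continue
        if not in_any(dst_ip, SWITCH_NETS):
            continue
        if action.lower() != "allow":
            verdict = "BLOCKED"            # filter is doing its job
        elif in_any(src_ip, INTERNAL_NETS):
            verdict = "INTERNAL_ACCESS"    # perimeter rule cannot stop this
        else:
            verdict = "PERIMETER_GAP"      # outside source reached the port
        findings.append((ts, src, dst, verdict))
    return findings

if __name__ == "__main__":
    for finding in classify(SAMPLE_LOG):
        print(*finding)
```

An INTERNAL_ACCESS verdict shows why the perimeter block is only an interim measure: sources inside the network still reach the port until the device is upgraded.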
Where can I read more about this?
This vulnerability was reported in CERT Advisory 2002-32. It is also
described in CERT Vulnerability Note VU#181721, which was written by Alcatel.