[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: APC Management Vulnerability
From: garys () totalserversolutions ! com
Date: 2007-11-29 14:41:38
Message-ID: 20071129144138.31239.qmail () securityfocus ! com
[Download RAW message or body]
We have found a security exploit in the latest APC firmware versions for there \
switched rack PDU products. We have only tested this against the version listed below \
on a AP7932 0u 30amp PDU.
Name: rpdu
Version: v3.5.5
Date: 07/18/2007
Time: 11:38:29
Name: aos
Version: v3.5.6
Date: 07/18/2007
Time: 10:24:55
Date Reported to APC: 11-28-2007
Discovered by:
Gary Simat of Total Server Solutions LLC
Randy Kent of Sevaa Group Inc
Steps to reproduce:
1) login to the APC as a user from computer 1
2) Then attempt to login from another computer (we will call this computer 2), the \
User Name and Password will not be editable, so just click Log On. It will say \
someone is already logged in. leave this page up. 3) logout of computer 1
4) simply hit refresh on computer 2 and select to resend the headers. you will be \
logged in as the previously authenticated user.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic