How embarrassing for 3Com.
3Com finds security flaws in LAN switches
By Jim Duffy, Network World Fusion, 5/15/98
3Com Corp. today began issuing a security advisory to users of its CoreBuilder and SuperStack II LAN switches due to widespread distribution of customer service and support logins.
The logins are used for service and recovery procedures, and are issued only by 3Com's Customer Service Organization under conditions of "extreme emergency," such as in the event of a customer losing passwords. 3Com said the logins were published on the Internet by users chatting in a 3Com news group.
Due to the login distribution, 3Com CoreBuilder and SuperStack II switches may be vulnerable to security breaches caused by unauthorized access via these special logins, 3Com said. 3Com is advising customers to log in to their switches via the following usernames and passwords. Users should then proceed to change the password using the switches' Password parameter to prevent unauthorized access.
CoreBuilder 6000/2500 - username: debug, password: synnet
CoreBuilder 7000 - username: tech, password: tech
SuperStack II Switch 2200 - username: debug, password: synnet
SuperStack II Switch 2700 - username: tech, password: tech
Customers should also change the SNMP Community string from the default to a proprietary and confidential identifier known only to authorized network management staff, 3Com said. This is due to the fact that the admin password is available through a specific proprietary MIB variable when accessed through the read/write SNMP community string, the company said.
This issue applies only to the CoreBuilder 2500/6000/3500 and SuperStack II Switch 2200/3900/9300, 3Com said. Fixed versions of software will be available from 3Com for all of these products by May 20, the company said.