⠠⠊⠋ ⠃⠁⠙ ⠛⠥⠽⠎ ⠁⠗⠑ ⠕⠝ ⠽⠕⠥⠗ ⠝⠑⠞⠺⠕⠗⠅, ⠽⠕⠥⠄⠗⠑ ⠎⠉⠗⠑⠺⠑⠙ ⠁⠝⠽⠺⠁⠽

t

>-----Original Message-----
>From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Sabahattin Gucukoglu
>Sent: Friday, October 01, 2010 2:32 PM
>To: braillen...@list.humanware.com
>Cc: full-disclosure@lists.grok.org.uk; bugt...@securityfocus.com; me-ma...@sabahattin-gucukoglu.com; supp...@humanware.com
>Subject: [Full-disclosure] Warning: BrailleNote Apex Offers Read/Write FTP And Telnet Access To All Comers
>
>BrailleNote Apex offers telnet and FTP access on the standard ports, with
>read/write privilege on the entire file system, to all comers. No
>authentication is required. BrailleNote is unsafe on any network whose
>devices you are not in full charge of, and which (by NAT or firewall) does
>not protect BrailleNote from the Internet.
>
>I am happy and sad. In a chance port scan of my entire network looking for
>interesting services and protocols that were not accounted for by visible
>configuration options in all my devices, I found this disaster staring me in
>the face on the least likely candidate of them all. On the one hand, now I
>don't need ActiveStink in order to access my files, over the network, from
>my Mac. I want these services running, for sure (maybe just FTP) but dammit,
>authentication first! On the other hand, there is no doubt my trust in
>HumanWare is badly dented, as I was clearly optimistic that they would, and
>did, do the right thing and secure the device firmware before shipping it.
>Anonymous FTP and telnet are obvious, easily found and effectively
>exploited. If it isn't configurable, it shouldn't be enabled. I am quite
>sure this was the case before now. The most likely explanation is a build
>with a test configuration and services for development still in use on the
>newest model; the USB vendor string is further evidence of this. Note to
>self: that popular expression about assumptions turns out to be true.
>
>KeySoft version 9.0.2 build 756, Windows CE 6.0, with telnet and FTP services.
>
>While we await an update that either disables the services or allows the
>user to specify the authentication credentials, do not use your BrailleNote
>Apex on any untrusted network, or if you are a network administrator,
>temporarily prohibit these devices from connecting to your networks. If
>"Bad guys" are on your network, the BrailleNote Apex is, alas, easy meat.
>
>Cheers,
>Sabahattin
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/