Re: Remote Administrator 2.x: highly possible remote hole or backdoor
Hello, LordInfidel@xxxxxxxxxxxxxxxx!
You wrote to "'Pavel Levshin'" <flicker@xxxxxxxxxxxx>;
<bugtraq@xxxxxxxxxxxxxxxxx> on Wed, 18 Feb 2004 13:58:58 -0500:
L> From reading the thread on famatech's site, this looks more like a weak
L> password issue, which is true of "ANY" piece of software
L> using simple password authentication.
The password mentioned there was word "sharpest" (which is not Very Best
choice, but...). The attacker was able to connect on second attempt (first
after portscan, actually). There must be GREAT optimization of dictionary
attack to achieve such result.
With best regards, Pavel Levshin. E-mail: flicker@xxxxxxxxxxxx