Subject: =?iso-8859-1?Q?RE=3A_Backdoor_in_Fortinet=B4s_firewall_Fortigate?=
Date: Thu, 2 Jun 2005 12:01:32 -0700
Message-ID: <72FE7F2E68051246B961B44297180E7DE7C1@indigo.Blueedge.local.>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: =?iso-8859-1?Q?Backdoor_in_Fortinet=B4s_firewall_Fortigate?=
thread-index: AcVnn77Vf7VyPzkQQTKCCI+6sNR+hQABQ3/g
From: "Matt Gibson" <Mattg@blueedgetech.ca.>
To: "Johan Andersson" <andersson@one.se.>, <bugtraq@securityfocus.com.>
X-Virus-Scanned: antivirus-gw at tyumen.ru
I fail to see how this is a "backdoor".
This is how one would reset their master password on the device.
Physical access always trumps all other forms of security.
Cisco routers can have their password reset if you gain physical access =
to them as well.
And (if nothing else), this method is not new, and is well documented by =
Fortigate.
Matt Gibson - GSEC FCSE
-----Original Message-----
From: Johan Andersson [mailto:andersson@one.se.]=20
Sent: June 1, 2005 4:10 PM
To: [email protected]Subject: Backdoor in Fortinet=B4s firewall Fortigate
If you have console access to this box, you are able to get root access=20
or more by using the Username: maintainer
Password: pbcpbn[here should you type the serialnr. of the box, the=20
characters should be in Capital letters.]
FortiOS: 2.x
Regards
Johan Andersson
Atea Security, Sweden
Phone: +46-709-19 71 76
Mail: [email protected]
