Alcatel LAN Switches Open to Attack

A back door in the OS that runs on some Alcatel switches lets an attacker gain complete control of the switch.

A back door in the operating system that runs on some of Alcatel Internetworking Inc.'s LAN switches enables an attacker to gain complete control of the switch.

The problem affects the Alcatel OmniSwitch 7700 and 7800 running version 5.1.1 of the Alcatel Operating System. The back door is actually a Telnet server that Alcatel installed in the operating system during the development process.

The developers used the server to access Wind River Systems Inc.'s VxWorks operating system and forgot to remove it before the product hit the market.

The server listens on TCP port 6778. An attacker who was able to connect to an affected switch could monitor any traffic going through the switch, cause a denial of service or take other such actions, according to an advisory on the problem issued Thursday by the CERT Coordination Center.

The 7000 series switches are the lower end of Alcatel's line. The high-capacity 8800 switch isn't affected by this problem.

Alcatel, based in Calabasas, Calif., recommends that customers upgrade to version 5.1.1.R02 or R03 to eliminate the vulnerability.

The CERT advisory is available here.