https://www.exploit-db.com/exploits/20892
https://www.securityfocus.com/bid/88839
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200106-085

运行XL80IMVersion5.5BuildLevel2版本的Crosscom/OlicomXLT-F存在漏洞。远程攻击者SNMP可以借助默认的未公开的社区字符串’ILMI’来读和写访问。

source: http://www.securityfocus.com/bid/2802/info

Olicom routers were previously manufactured and distributed by Olicom, a company now owned by Intel. Olicom routers provide a low-cost routing solution for small businesses.

A problem with Olicom routers could allow unauthorized access to certain configuration variables within the device. The ILMI SNMP Community string allows read and write access to certain configuration parameters such as the organization to which the routers belongs. These parameters do not affect normal operation, but could be used further in a social engineering attack.

This problem makes it possible for a remote user to launch a social engineering attack, potentially gaining unauthorized access to the device. 

snmpwalk router ILMI |more

Crosscom Olicom Xlt-F 0

来源:OVAL
名称:oval:org.mitre.oval:def:5718
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5718
来源:BUGTRAQ
名称:200103ILMIcommunityinolicom/crosscommrouters
链接:http://archives.neohapsis.com/archives/bugtraq/2001-03/0364.html