Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1999: aDSL routers

aDSL routers

David Brumley (dbrumleyGOJU.STANFORD.EDU)
Tue, 13 Apr 1999 23:01:50 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan DeKok: "Re: ARP problem in Windows9X/NT"
Previous message: Iain P.C. Moffat: "Re: Novell Pandora Hack"
Next in thread: Truman Boyes: "Re: aDSL routers"

Welp, aDSL is here.  And at least one manufacturer, flowpoint, sets no
admin password.  It's in the documentation, so I assume the
company already knows about this vulnerability:) System managers
who have aDSL access often overlook this, so I thought I'd point it out.
A quick fix: disable telnet access to all of your aDSL router IP's.
Better fix: set an admin password.

Version tested:
FlowPoint/2000 ADSL Router
FlowPoint-2000 BOOT/POST V4.0.2 (18-Mar-98 12:00)
Software version v1.4.5 built Tue Aug 11 23:20:20 PDT 1998

Cheers,
-db

Next message: Alan DeKok: "Re: ARP problem in Windows9X/NT"
Previous message: Iain P.C. Moffat: "Re: Novell Pandora Hack"
Next in thread: Truman Boyes: "Re: aDSL routers"