|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Renaud Deraison (deraison
CVS.NESSUS.ORG)Date: Mon Apr 16 2001 - 15:40:48 CDT
On Mon, Apr 16, 2001 at 04:14:05AM -0700, Mark (Mookie) wrote:
> >Researchers associated with the San Diego Supercomputer Center at the
> >University of California, San Diego have identified multiple
> >implementation flaws in the Alcatel Speed Touch ADSL "modem" (actually
> >an ADSL-Ethernet router/bridge). These flaws can allow an intruder to
> >take complete control of the device, including changing its
> >configuration, uploading new firmware, and disrupting the
> >communications between the telephone central office providing ADSL
> >service and the device.
>
> Weren't these issues actually discovered by Renaud Deraison in November 2000?
To make a long story short : "no". I just noted that these modems
are installed passwordless (talk about a "discovery"), whereas
this advisory comes with a lot of new other interesting stuff.
These are brand new flaws, and they even possibly imply brand new Nessus
scripts for them ;)
-- Renaud
-- Renaud Deraison The Nessus Project http://www.nessus.org
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]