Hello We're and ISP and have several dedicated customers over ISDN lines, using TA's such as the Motorola Bitsurfr Pro and the 3com Impact IQ. So far, I didn't find either of these ISDN modems to be vulnerable, but while testing, I came up with the idea of using this 'feature' to 'patch' a vulnerable modem: ping -c 1 -p 2b2b2b415453323d32353526574f310d host this sends a single packet with the string + + + ATS2=255&WO1 (No spaces, of course) to the host, which changes the escape char remotely. It also sends the O1 command, which is supposed to bring the modem out of command mode and maintain the connection, however, I found that most modems just hung up, possibly because of the &w command. Why is this useful? Well I've used it to remotely patch the modems of several customers which have dedicated analog lines with us. 6 of the 11 modems I tested were vulnerable, the patch worked on all 6, but only 2 of them were able to maintain the connection after the &w. I tested 2 Terminal adapters, neither were vulnerable. -Adrian Gonzalez
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:17:59 PDT