aDSL routers

From: David Brumley (dbrumleyat_private)
Date: Tue Apr 13 1999 - 23:01:50 PDT

Next message: Stu Alchor: "Possible WU-ftpd Worm ?"

Previous message: Iain P.C. Moffat: "Re: Novell Pandora Hack"
Next in thread: Brad Zimmerman: "aDSL routers"
Next in thread: Joe Shaw: "Re: aDSL routers"
Reply: Joe Shaw: "Re: aDSL routers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Welp, aDSL is here.  And at least one manufacturer, flowpoint, sets no
admin password.  It's in the documentation, so I assume the
company already knows about this vulnerability:) System managers
who have aDSL access often overlook this, so I thought I'd point it out.
A quick fix: disable telnet access to all of your aDSL router IP's.
Better fix: set an admin password.

Version tested:
FlowPoint/2000 ADSL Router
FlowPoint-2000 BOOT/POST V4.0.2 (18-Mar-98 12:00)
Software version v1.4.5 built Tue Aug 11 23:20:20 PDT 1998

Cheers,
-db

Next message: Stu Alchor: "Possible WU-ftpd Worm ?"
Previous message: Iain P.C. Moffat: "Re: Novell Pandora Hack"
Next in thread: Brad Zimmerman: "aDSL routers"
Next in thread: Joe Shaw: "Re: aDSL routers"
Reply: Joe Shaw: "Re: aDSL routers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:42:23 PDT