Welp, aDSL is here. And at least one manufacturer, flowpoint, sets no admin password. It's in the documentation, so I assume the company already knows about this vulnerability:) System managers who have aDSL access often overlook this, so I thought I'd point it out. A quick fix: disable telnet access to all of your aDSL router IP's. Better fix: set an admin password. Version tested: FlowPoint/2000 ADSL Router FlowPoint-2000 BOOT/POST V4.0.2 (18-Mar-98 12:00) Software version v1.4.5 built Tue Aug 11 23:20:20 PDT 1998 Cheers, -db
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:42:23 PDT