On Mon, Apr 16, 2001 at 04:14:05AM -0700, Mark (Mookie) wrote: > >Researchers associated with the San Diego Supercomputer Center at the > >University of California, San Diego have identified multiple > >implementation flaws in the Alcatel Speed Touch ADSL "modem" (actually > >an ADSL-Ethernet router/bridge). These flaws can allow an intruder to > >take complete control of the device, including changing its > >configuration, uploading new firmware, and disrupting the > >communications between the telephone central office providing ADSL > >service and the device. > > Weren't these issues actually discovered by Renaud Deraison in November 2000? To make a long story short : "no". I just noted that these modems are installed passwordless (talk about a "discovery"), whereas this advisory comes with a lot of new other interesting stuff. These are brand new flaws, and they even possibly imply brand new Nessus scripts for them ;) -- Renaud -- Renaud Deraison The Nessus Project http://www.nessus.org
This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 23:36:20 PDT