I've received word that the ZyXEL Prestige 202 router has its administrative telnet/FTP services open on the WAN side too, and preconfigured filters are not applied and do not work properly if applied as-is. In addition, I was able to check out an oldish Prestige 100, and it too was vulnerable, same situation. I suspect that the vast majority of ZyXEL Prestige family routers have this problem. It is less of a problem with non-DSL routers that are not online 24/7, but it is still dangerous enough in any case. The issue must have been around for years... The latest vulnerability info for BID 3161 is now: Vulnerable: ZyXEL Prestige 100 ZyXEL Prestige 202 ZyXEL Prestige 642R ZyXEL Prestige 642R-I Not Vulnerable: ZyXEL Prestige 642M ZyXEL Prestige 642M-I If you have access to a ZyXEL router, check whether admin services are open to the Internet, and let me know about the results. Thanks. Cheers, Dan -- Daniel Roethlisberger <danielat_private> PGP Key ID 0x8DE543ED with fingerprint 6C10 83D7 2BB8 D908 10AE 7FA3 0779 0355 8DE5 43ED
This archive was generated by hypermail 2b30 : Wed Aug 15 2001 - 12:58:00 PDT