On Mon, Apr 16, 2001 at 04:14:05AM -0700, Mark (Mookie) wrote:
> >Researchers associated with the San Diego Supercomputer Center at the
> >University of California, San Diego have identified multiple
> >implementation flaws in the Alcatel Speed Touch ADSL "modem" (actually
> >an ADSL-Ethernet router/bridge). These flaws can allow an intruder to
> >take complete control of the device, including changing its
> >configuration, uploading new firmware, and disrupting the
> >communications between the telephone central office providing ADSL
> >service and the device.
>
> Weren't these issues actually discovered by Renaud Deraison in November 2000?
To make a long story short : "no". I just noted that these modems
are installed passwordless (talk about a "discovery"), whereas
this advisory comes with a lot of new other interesting stuff.
These are brand new flaws, and they even possibly imply brand new Nessus
scripts for them ;)
-- Renaud
--
Renaud Deraison
The Nessus Project
http://www.nessus.org
