This vulnerability has been patched successfully by the vendor as tests by various parties have demonstrated, more details here:
http://cytrap.eu/blog/?p=133 Happy Holidays Urs E. Gattiker CyTRAP Labs and www.CASEScontact.org At 21:23 2006-10-04, you wrote: >------------------------------ > >Message: 2 >Date: Wed, 04 Oct 2006 13:56:27 +0200 >Subject: [Full-disclosure] Tele2 - Versatel and Vivendi - exploit >To: full-disclosure@lists.grok.org.uk >Message-ID: <[EMAIL PROTECTED]> >Content-Type: text/plain; charset="us-ascii"; format=flowed > >Tele 2 has recently announced that it is selling its Benelux assets >to Versatel and yesterday it informed the media that it intends to do >the same with its French assets, selling those to Vivendi. > >The company that touts itself as providing economical broadband and >telecommunication services does, however, have a slight problem >regarding information security. > >A vulenrability is being taken advantage off by various groups of >people and, in turn, this could harm home users that receive their >broadband and fixed-line services from Tele2. > >In fact, several security features can be de-activated allowing a >malicious user to take control of a user's PC, his broadband >connection as well as his phone line as described here with a screen shot: > >http://cytrap.eu/blog/?p=57 > >This is another example where user's face risks regarding their >internet connection they might not even be aware of. Another one of >those is the recent Fon example also circulated on this list. > >Urs E. Gattiker >CyTRAP Labs & CASEScontact.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/