Bugtraq mailing list archives

Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass

From: jn () hz6 de
Date: 21 Jan 2007 13:25:35 -0000

I maintain an alternative firmware for the Speedport series and can confirm the flaw in the following firmwares:
Speedport W500V Firmware T-Com 1.30
Speedport  500V Firmware T-Com 1.31

Speedport W500V Firmware mod500
Speedport  500V Firmware mod500
Targa WR500 VoIP Firmware mod500

I'm 99% certain that the original firmware for the Targa is also concerned.

CORRECTION
White the description of the security flaw is correct, please notice:
Installing a new firmware does NOT change the system password!

Current thread:

Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass advisory07 (Jan 19)
- Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass security () yospot de (Jan 22)
- <Possible follow-ups>
- Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass jn (Jan 22)