Bugtraq mailing list archives

Re: FlowPoint DSL router vulnerability

From: scottd () CLOUD9 NET (Scott Drassinower)
Date: Sat, 7 Aug 1999 12:07:05 -0400


It involves a bug that allows a password recovery feature to be utilized
from the LAN or WAN instead of just the serial console port.

Basically, throwing enough 6 digit numbers at a pre-3.0.8 router will
allow you to get access to the box to do whatever you want.  It appears as
if the problem started in 3.0.4, but I am not totally certain about that.

--
 Scott M. Drassinower                                       scottd () cloud9 net
 Cloud 9 Consulting, Inc.                                    White Plains, NY
 +1 914 696-4000                                        http://www.cloud9.net

On Thu, 5 Aug 1999, Matt wrote:

The following URL contains information about a firmware upgrade for
FlowPoint DSL routers that fixes a possible "security compromise".
FlowPoint has chosen not to release ANY information whatsoever about the
vulnerability. I was curious if anyone had any more information
about this vulnerability than what FlowPoint is divulging.

http://www.flowpoint.com/support/techbulletin/sec308.htm

thnx

--
I'm not nice, I'm vicious--it's the secret of my charm.

Current thread:

FlowPoint DSL router vulnerability Matt (Aug 05)
- Re: FlowPoint DSL router vulnerability Scott Drassinower (Aug 07)
- <Possible follow-ups>
- Re: FlowPoint DSL router vulnerability Chris Shenton (Aug 06)
- Re: FlowPoint DSL router vulnerability Eric Budke (Aug 10)
  - Re: FlowPoint DSL router vulnerability Scott Drassinower (Aug 10)
    - Re: FlowPoint DSL router vulnerability Peter Radcliffe (Aug 10)
    - Re: FlowPoint DSL router vulnerability Chris J Burris (Aug 10)
  - Re: FlowPoint DSL router vulnerability shusaku (Aug 10)