Re: FlowPoint DSL router vulnerability

[budke () BUDKE COM (Eric Budke)]

At 12:07 PM 8/7/99 -0400, Scott Drassinower wrote:
> It involves a bug that allows a password recovery feature to be utilized
> from the LAN or WAN instead of just the serial console port.
>
> Basically, throwing enough 6 digit numbers at a pre-3.0.8 router will
> allow you to get access to the box to do whatever you want.  It appears as
> if the problem started in 3.0.4, but I am not totally certain about that.

So the vulnerability is essentially a brute force against telnet/snmp?
Assuming you filter those out, is there another way of accessing?

> --
>  Scott M. Drassinower                                       scottd () cloud9 net
>  Cloud 9 Consulting, Inc.                                    White Plains, NY
>  +1 914 696-4000                                        http://www.cloud9.net
>
> On Thu, 5 Aug 1999, Matt wrote:
>
> > The following URL contains information about a firmware upgrade for
> > FlowPoint DSL routers that fixes a possible "security compromise".
> > FlowPoint has chosen not to release ANY information whatsoever about the
> > vulnerability. I was curious if anyone had any more information
> > about this vulnerability than what FlowPoint is divulging.
> >
> > http://www.flowpoint.com/support/techbulletin/sec308.htm
> >
> > thnx
> >
> > --
> > I'm not nice, I'm vicious--it's the secret of my charm.

--
PGP Key can be found at http://www.panix.com/~budke/pgp/budke_budke_com.txt