Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Arescom NetDSL 800

From: Powertech <powertech () ezkracho com ar>
Date: Thu, 7 Feb 2002 16:35:29 -0300
-----BEGIN PGP SIGNED MESSAGE-----

The Arescom NetDSL 800,  by default has no configurated any kind of
authentification ,  allowing any intruder to log in, affecting may be the
ADSL connection, or using for its own porpouses
example:

[toor@c0ded]@[2]:(~)#telnet 20x.4x.1x.1x8
Trying 20x.4x.1x.1x8...
Connected to 20x.4x.1x.1x8.
Escape character is '^]'.

        ND1060VE-TFA Copyright by ARESCOM 2000


Login Success!
NetDSL>?

                     ******* Console Help Menu *******
Available Command:

add                add objects in talbe
connect          start the connection
delete             delete objects in table
disconnect      disconnect modem connection
help               display this menu again
quit                quit the system
reboot           reboot the router
reset              reset the configuration, and reboot
save              save the configuration
set                 set system parameters
show              display system status
test                system test
upgrade          upgrade the firmware via FTP, TFTP and XMODEM

NetDSL> (there are no such things as level like in ciscos.. etc)

Salutes, bye
--
So we follow our wandering paths, and the very darkness acts as our guide and
our doubts serve to reassure us.
- Jean-Pierre de Caussade, eighteenth-century Jesuit priest


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
MessageID: GuOZrkI/Jb/W0KLqg2VpZatSKb5Xo340

iQEVAwUBPGLXCYhDjf2eob5RAQEqrwf/egEoAS9/BgUfy+vle5R7RbDZLYR7ub01
7f174j14juILxzToPvFYSPKTKz88EOubdb8WJoox3FuIpW4OiM2PnTWPi4PCypUi
3hgdzjpqkhZFEdEpmcjfQEHE2DZMoNENujzN52uw9UbPq+Dts2vTPhJKcMOgLr+F
HWc319olqwap8kQvdy18wVQGsjBN7YoR7cwBERcX/XSOcs3Jld/Hki8TKhD/jmTe
WtdnMNTFXXjfwmE9HK2uctNWSOKHhsPr2sEf4neSGY2qslDOLtiVfK6t5UfG046Z
KUzlMyBrp0mBTn7GQVVxPicGMOa6DKfh9NUIoyMur+8xa5YvP2IDnA==
=GTYB
-----END PGP SIGNATURE-----

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: