Vulnerabilities have become apparent in several of Alcatel's modems. The affected models are the Alcatel Speed Touch Home ADSL Modem and the (discontinued) Alcatel 1000 ADSL Network Termination Device (used by BT in their ADSL trials last year).
This, fortunately, does NOT affect the Alcatel Speed Touch USB modem as provided by BT(ignite), as some people may fear. However, BT do provide the Speed Touch Pro for Homechoice customers, but I believe access to the modems is limited. For those interested, or those who have invested in a Speed Touch Home modem, the vulnerabilities are as follows:
VU#211736 - Alcatel ADSL modems grant unauthenticated TFTP access via Bounce Attacks
VU#243592 - Alcatel ADSL modems provide EXPERT administrative account with an easily reversible encrypted password
VU#212088 - Alcatel ADSL modems contain a null default password
VU#490344 - Alcatel ADSL modems provide unauthenticated TFTP access via physical access to the WAN interface
The impact of these is that a remote attacker may be able to gain access to the modem and change its settings. More information about this can be found from the SDSC (San Diego Supercomputer Center).
There are several suggested solutions to these vulnerabilities, as the full CERT document explains. I also recommend checking the original SDSC document, which suggests that the Alcatel Speed Touch Pro modem may also be vulnerable. Alcatel have issued a press release. Please note that this is not to do with the new drivers for the Speed Touch USB modem.
If you have any queries, please feel free to e-mail me or post to our message boards.
Thanks to Dirk and an Anonymous user on our message boards, who brought this to our attention. (seb: .. and the other couple of people who forwarded the CERT notice too..)