PureBytes Links
Trading Reference Links
|
** Security Flaw Found in Common DSL Modem
Prominent network-security experts say they have identified
multiple vulnerabilities in a widely used DSL modem that can lead
to unauthorized access and monitoring, denial of service, and
permanent disabling of the device.
Researchers at the San Diego Supercomputer Center (SDSC)
identified several flaws in "Speed Touch" ADSL modems made by
French telecom-equipment maker Alcatel. One problem is a back
door that completely bypasses any passwords users may have set on
the device. Intruders can potentially log on to the modem with
the user name "expert" and change or delete embedded software.
While testing was performed on the "Speed Touch Home" model, it's
strongly suspected that other members of the same product family
also share the vulnerability.
The affected modems are distributed to customers by DSL
providers, including SBC Communications and Bell South. Alcatel
is the world's leading DSL-modem maker and claims to have more
than 1.6 million units installed worldwide.
A spokesman for Alcatel says the company is working with the SDSC
and the Computer Emergency Response Team at Carnegie Mellon
University to determine exactly which modems and how many
customers are affected. He says they know of no instances where
any user has been compromised. Users of Alcatel DSL modems can
keep track of developments at
http://update.informationweek.com/cgi-bin4/flo?y=eDPY0BcmhK0V20Ml70AD
|