hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > The Archives > Exploit Articles
qcred11
Jun 30 2004, 07:21 PM
QUOTE


Hi, have not much time so here is the thing... There's a bug in the DSL
router Prestige 650HW-31, you just post a long string as password and the
router resets it self so is very easy to make a DNS to this router if people
doesnt have the aproppiate filters on port 80 (I didnt tried on Telnet).
This routers are very sold in Spain by Telefonica de Espaņa so spanish
people shouldt take a little care and setup their ports properly. The manual
is in Zyxel webpage so please dont ask me that sort of things. The router
come again online after the reset and syncronize DSL perfectly again.
Software in the router is that shit of Rompager/4.7, maybe its not ok
because I took this with a sniffer from the http header cos I dont have
access to the router I tested.


į u Sami



Source: http://seclists.org/lists/bugtraq/2004/Jun/0472.html
tweakz20
Jun 30 2004, 10:33 PM
ok, who openly says "cos I dont have access to the router I tested. "

http://www.zyxel.com/product/model.php?ind...alue=1021873638 there's the product.. still being sold!

how much you weanna bet this kid didn't even tell the manufacturer before posting? blink.gif
xlulux
Jul 1 2004, 12:24 AM
i dont really find the use of making it crash besides making the user notice and then call your isp...


if you gonna try anything remember that if they are mainly in spain you shuold plan your attacks timely
easternerd
Jul 5 2004, 09:30 AM
They are sold and marketed in many countries.
Many ISPS who provide DSL last mile connectivity for SOHO business provide Zyxel routers .
As far as i know even other models of Prestige routers are vulnerable.
But i never reported it b4.
It only works on Web based interface though. not the telnet interface.
i would advise people to shut down port 80 acccess from the Wan Interface.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.