Telecom Italia Alice Pirelli routers Backdoor from internal LAN/WAN

Exploit for hardware platform in category remote exploits =================================================================== Telecom Italia Alice Pirelli routers Backdoor from internal LAN/WAN =================================================================== saxdax & drpepperONE Discovered...

Telecom Italia Alice Pirelli routers backdoor discoverd to activate telnet/ftp/tftp from internal LAN/WLAN.

saxdax & drpepperONE Discovered embedded backdoor to activate telnet/ftp/tftp/web extended admin interface with Admin privileges, from internal network lan on Alice ADSL CPE Modem/Router, manufactered by Pirelli based on Broadcom platform. saxdax & drpepperONE Router Vendor: Alice Telecom Italia...

alicetelecom-backdoor.txt

saxdax & drpepperONE Discovered embedded backdoor to activate telnet/ftp/tftp/web extended admin interface with Admin privileges, from internal network lan on Alice ADSL CPE Modem/Router, manufactered by Pirelli based on Broadcom platform. saxdax & drpepperONE Router Vendor: Alice Telecom Italia...

Telecom Italia Alice Pirelli routers - Backdoor from internal LAN/WAN

saxdax & drpepperONE Discovered embedded backdoor to activate telnet/ftp/tftp/web extended admin interface with Admin privileges, from internal network lan on Alice ADSL CPE Modem/Router, manufactered by Pirelli based on Broadcom platform. saxdax & drpepperONE Router Vendor: Alice Telecom Italia...

Telecom Italia Alice Pirelli routers - Backdoor from internal LANWAN

Telecom Italia Alice Pirelli routers - Backdoor from internal LANWAN saxdax & drpepperONE Discovered embedded backdoor to activate telnet/ftp/tftp/web extended admin interface with Admin privileges, from internal network lan on Alice ADSL CPE Modem/Router, manufactered by Pirelli based on Broadco...

Telecom Italia Alice Pirelli routers backdoor

Specially constructed IP packet causes router's telnet/ftp/tftp functions to be activated...

Authentication Capture: Telnet

This module provides a fake Telnet service that is designed to capture authentication credentials. DONTs and WONTs are sent to the client for all option negotiations, except for ECHO at the time of the password prompt since the server controls that for a bit more realism. This module requires...

Default Password (rootme) for 'root' Account

The account 'root' on the remote host has the password 'rootme'. An attacker may leverage this issue to gain total control of the affected system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "root"; password = "rootme"; include'deprecatednasllevel.inc'; include'compat.inc'; if...

Gentoo Security Advisory GLSA 200504-28 (Heimdal)

The remote host is missing updates announced in advisory GLSA 200504-28. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200504-01 (telnet)

The remote host is missing updates announced in advisory GLSA 200504-01. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200504-28 (Heimdal)

The remote host is missing updates announced in advisory GLSA 200504-28. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200504-01 (telnet)

The remote host is missing updates announced in advisory GLSA 200504-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200504-04 (telnet)

The remote host is missing updates announced in advisory GLSA 200504-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200504-04 (telnet)

The remote host is missing updates announced in advisory GLSA 200504-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security flaw in Airtel DSL modems

Hi, I've found a few problems with the way DSL modems by a vendor Bharti and provided by Airtel an Indian ISP are setup. I've been talking with Airtel on this over the past couple of months to try to get them to close the vulnerability. They feel that they have addressed the issue appropriately...

Parallels Plesk Shortnames功能邮件中继漏洞

BUGTRAQ ID: 30956 Plesk是用于管理站点的综合控制面板解决方案。 在Plesk中如果为邮件登录启用了SHORTNAMES=1功能的话，QMAIL就会在AUTH LOGIN认证期间接受任何以有效shortname开始的base64编码用户名。这允许攻击者登录到plesk认证模块所保护的邮件或其他服务，通过获得的smtp认证权限中继垃圾邮件。 必须要从smtpspsa删除SHORTNAMES=1才可以修复这个问题，仅仅将其设置为0无法解决。 Parallels Plesk 8.6 Parallels ---------...

BIOS Info (SSH)

Using SMBIOS and UEFI, it was possible to get BIOS info. TRUSTED...

Unpassworded 'r00t' account

The account 'r00t' on the remote host has no password. An attacker may leverage this issue to gain access to the affected system and launch further attacks against it. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "r00t"; include'deprecatednasllevel.inc'; include'compat.inc'; if...

FreeBSD Security Advisory (FreeBSD-SA-05:01.telnet.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:01.telnet.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Default Password (bank) for 'bank' Account

The account 'bank' on the remote host has the default password 'bank'. An attacker may leverage this issue to gain access to the affected system and launch further attacks against it. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "bank"; password = "bank";...