[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass
From: jn@xxxxxx
Date: 21 Jan 2007 13:25:35 -0000

I maintain an alternative firmware for the Speedport series and can confirm the 
flaw in the following firmwares:
Speedport W500V Firmware T-Com 1.30
Speedport  500V Firmware T-Com 1.31

Speedport W500V Firmware mod500
Speedport  500V Firmware mod500
Targa WR500 VoIP Firmware mod500

I'm 99% certain that the original firmware for the Targa is also concerned.

CORRECTION
White the description of the security flaw is correct, please notice:
Installing a new firmware does NOT change the system password!

Prev by Date: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability
Next by Date: [SECURITY] [DSA 1251-1] New netrik packages fix arbitary shell command execution
Previous by thread: Re: Virginity Security Advisory 2007-001 : T-Com Speedport 500V Login bypass
Next by thread: WzdFTPD < 8.1 Denial of service
Index(es):
- Date
- Thread