[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Tele2 - Versatel and Vivendi - exploit PATCHED

This vulnerability has been patched successfully by the vendor as tests by 
various parties have demonstrated, more details here:

http://cytrap.eu/blog/?p=133

Happy Holidays
Urs E. Gattiker
CyTRAP Labs and www.CASEScontact.org


At 21:23 2006-10-04, you wrote:
>------------------------------
>
>Message: 2
>Date: Wed, 04 Oct 2006 13:56:27 +0200
>Subject: [Full-disclosure] Tele2 - Versatel and Vivendi - exploit
>To: full-disclosure@xxxxxxxxxxxxxxxxx
>Message-ID: <7.0.1.0.0.20061004095637.05222f10@xxxxxxxxx>
>Content-Type: text/plain; charset="us-ascii"; format=flowed
>
>Tele 2 has recently announced that it is selling its Benelux assets
>to Versatel and yesterday it informed the media that it intends to do
>the same with its French assets, selling those to Vivendi.
>
>The company that touts itself as providing economical broadband and
>telecommunication services does, however, have a slight problem
>regarding information security.
>
>A vulenrability is being taken advantage off by various groups of
>people and, in turn, this could harm home users that receive their
>broadband and fixed-line services from Tele2.
>
>In fact, several security features can be de-activated allowing a
>malicious user to take control of a user's PC, his broadband
>connection as well as his phone line as described here with a screen shot:
>
>http://cytrap.eu/blog/?p=57
>
>This is another example where user's face risks regarding their
>internet connection they might not even be aware of. Another one of
>those is the recent Fon example also circulated on this list.
>
>Urs E. Gattiker
>CyTRAP Labs & CASEScontact.org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/