lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 21 Dec 2006 12:27:59 +0100
From: CyTRAP Labs - advisory <Report_exploit@...RAP.eu>
To: full-disclosure@...ts.grok.org.uk
Subject: Tele2 - Versatel and Vivendi - exploit PATCHED

This vulnerability has been patched successfully by the vendor as tests by 
various parties have demonstrated, more details here:

http://cytrap.eu/blog/?p=133

Happy Holidays
Urs E. Gattiker
CyTRAP Labs and www.CASEScontact.org


At 21:23 2006-10-04, you wrote:
>------------------------------
>
>Message: 2
>Date: Wed, 04 Oct 2006 13:56:27 +0200
>Subject: [Full-disclosure] Tele2 - Versatel and Vivendi - exploit
>To: full-disclosure@...ts.grok.org.uk
>Message-ID: <7.0.1.0.0.20061004095637.05222f10@...Urb.dk>
>Content-Type: text/plain; charset="us-ascii"; format=flowed
>
>Tele 2 has recently announced that it is selling its Benelux assets
>to Versatel and yesterday it informed the media that it intends to do
>the same with its French assets, selling those to Vivendi.
>
>The company that touts itself as providing economical broadband and
>telecommunication services does, however, have a slight problem
>regarding information security.
>
>A vulenrability is being taken advantage off by various groups of
>people and, in turn, this could harm home users that receive their
>broadband and fixed-line services from Tele2.
>
>In fact, several security features can be de-activated allowing a
>malicious user to take control of a user's PC, his broadband
>connection as well as his phone line as described here with a screen shot:
>
>http://cytrap.eu/blog/?p=57
>
>This is another example where user's face risks regarding their
>internet connection they might not even be aware of. Another one of
>those is the recent Fon example also circulated on this list.
>
>Urs E. Gattiker
>CyTRAP Labs & CASEScontact.org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists