[22255] in bugtraq

BID 3161: other ZyXEL Prestige routers affected too

daemon@ATHENA.MIT.EDU (Daniel Roethlisberger)
Wed Aug 15 15:59:16 2001

Date: Wed, 15 Aug 2001 20:47:02 +0200
From: Daniel Roethlisberger <daniel@roe.ch>
Message-ID: <848091890.20010815204702@roe.ch>
To: bugtraq@securityfocus.com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit


I've received word that the ZyXEL Prestige 202 router has its
administrative telnet/FTP services open on the WAN side too, and
preconfigured filters are not applied and do not work properly if
applied as-is. In addition, I was able to check out an oldish
Prestige 100, and it too was vulnerable, same situation.

I suspect that the vast majority of ZyXEL Prestige family routers
have this problem. It is less of a problem with non-DSL routers
that are not online 24/7, but it is still dangerous enough in any
case. The issue must have been around for years...

The latest vulnerability info for BID 3161 is now:

Vulnerable:
  ZyXEL Prestige 100
  ZyXEL Prestige 202
  ZyXEL Prestige 642R
  ZyXEL Prestige 642R-I

Not Vulnerable:
  ZyXEL Prestige 642M
  ZyXEL Prestige 642M-I

If you have access to a ZyXEL router, check whether admin services
are open to the Internet, and let me know about the results. Thanks.

Cheers,
Dan


-- 
   Daniel Roethlisberger <daniel@roe.ch>
   PGP Key ID 0x8DE543ED with fingerprint
   6C10 83D7 2BB8 D908 10AE  7FA3 0779 0355 8DE5 43ED
