BugTraq
Back to list
|
Post reply
Telindus 112x ADSL Router - Weak Password Encryption
Dec 28 2002 12:58PM
eflorio edmaster it
Telindus Router (series 112x)
has a well-know authentication problem,
which lets to extract router password
from a UDP-dump sniffed over 9833 port.
More about this at:
http://www.securiteam.com/securitynews/5DP0A2K7GY.html
or
http://neworder.box.sk/showme.php3?id=6730
New firmware (6.0.27, Jul/2002)
tries to fix this problem using
an encypted packet during the UDP session,
but encryption scheme used is trivial
and it's easy to decrypt the password
knowing only the router name (name is showed by
Telindus 9100 Maintenance Application during
authentication).
Encryption scheme, analisys, session dump and packets
will posted after a Telindus reply.
Elia Florio
(eflorio (at) edmaster (dot) it [email concealed])
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Telindus Router (series 112x)
has a well-know authentication problem,
which lets to extract router password
from a UDP-dump sniffed over 9833 port.
More about this at:
http://www.securiteam.com/securitynews/5DP0A2K7GY.html
or
http://neworder.box.sk/showme.php3?id=6730
New firmware (6.0.27, Jul/2002)
tries to fix this problem using
an encypted packet during the UDP session,
but encryption scheme used is trivial
and it's easy to decrypt the password
knowing only the router name (name is showed by
Telindus 9100 Maintenance Application during
authentication).
Encryption scheme, analisys, session dump and packets
will posted after a Telindus reply.
Elia Florio
(eflorio (at) edmaster (dot) it [email concealed])
[ reply ]