Security Flaw Found In Common DSL Modem - 1.6 million affected
Prominent network-security experts say they have identified multiple vulnerabilities in a widely used DSL modem that can lead to unauthorized access and monitoring, denial of service, and permanent disabling of the device. The affected modems are distributed to customers by DSL providers, including SBC Communications and Bell South. Alcatel is the world's leading DSL modem maker and claims to have more than 1.6 million units installed worldwide.
In a security advisory released Tuesday, researchers at the San Diego Supercomputer Center (SDSC) identified several flaws in "Speed Touch" ADSL modems made by French telecommunications equipment manufacturer Alcatel, including a back door that completely bypasses any passwords that users may have set on the device. Intruders can potentially log on to the modem with the user name "expert" and change or delete embedded software....
Security Flaw Found In Common DSL Modem
While testing was performed on the "Speed Touch Home" model, it's strongly suspected that other members of the same product family also share the vulnerability.
A spokesman for Alcatel said the company is aware of the problem and is working with the SDSC and the Computer Emergency Response Team (CERT) at Carnegie Mellon University to determine exactly which modems and how many customers are affected. He said they know of no instances where any user has been compromised. Users of Alcatel DSL modems can keep track of developments at
