[plug] [cert-advisory at cert.org: CERT Advisory CA-2001-08]
Matt Kemner
zombie at wasp.net.au
Wed Apr 11 11:49:23 WST 2001
On Wed, 11 Apr 2001, Simon Scott wrote:
> What are they saying, that it is easy to get the 'challenge string'
> and from it determine the password, and therefore someone online could enter
> some low-level troubleshooting mode???

They are saying that's one of the things they can do, yes.

They can also upload new firmware to it, so for example it starts sniffing
all your network traffic, looking for something "interesting" and passing
it on to them, or have it ready to take part in a DDoS, or they can kill
it completely so it needs to be returned to the manufacturer, etc etc.

There are a few other things they can do, but I would say the fact anyone
can replace the firmware with anything they like is probably about as bad
as it gets.

- Matt