Vulnerabilities > CVE-2001-1424 - Unspecified vulnerability in Alcatel Speed Touch Home
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 4 |
Nessus
NASL family Misc. NASL id ALCATEL_ADSL.NASL description The remote Alcatel ADSL modem has no password set. An attacker could telnet to this modem and reconfigure it to lock you out. This could prevent you from using your Internet connection. last seen 2020-06-01 modified 2020-06-02 plugin id 10530 published 2000-10-08 reporter This script is Copyright (C) 2000-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/10530 title Alcatel ADSL Modem Unpassworded Access code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if(description) { script_id(10530); script_cve_id("CVE-2001-1424"); script_bugtraq_id(2568); script_version ("1.16"); script_name(english:"Alcatel ADSL Modem Unpassworded Access"); script_summary(english:"Logs into the remote Alcatel ADSL modem"); script_set_attribute(attribute:"synopsis", value: "The remote modem has an account with no password set." ); script_set_attribute(attribute:"description", value: "The remote Alcatel ADSL modem has no password set. An attacker could telnet to this modem and reconfigure it to lock you out. This could prevent you from using your Internet connection." ); script_set_attribute(attribute:"solution", value: "Telnet to this modem and set a strong password immediately." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_publication_date", value: "2000/10/08"); script_set_attribute(attribute:"vuln_publication_date", value: "2001/04/11"); script_cvs_date("Date: 2018/06/27 18:42:25"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2000-2018 Tenable Network Security, Inc."); script_family(english:"Misc."); script_require_ports(23); exit(0); } port = 23; # alcatel's ADSL modem telnet module can't bind to something else if(get_port_state(port)) { soc = open_sock_tcp(port); if(soc) { r = recv(socket:soc, length:160); if("User : " >< r) { s = string("\r\n"); send(socket:soc, data:s); r = recv(socket:soc, length:2048); if("ALCATEL ADSL" >< r)security_hole(port); } close(soc); } }
NASL family Misc. NASL id ALCATEL_ADSL_FIREWALLING.NASL description On the Alcatel Speed Touch Pro ADSL modem, a protection mechanism feature is available to ensure that nobody can gain remote access to the modem (via the WAN/DSL interface). This mechanism guarantees that nobody from outside your network can access the modem last seen 2020-06-01 modified 2020-06-02 plugin id 10760 published 2001-09-14 reporter This script is Copyright (C) 2001-2018 Alert4Web.com source https://www.tenable.com/plugins/nessus/10760 title Alcatel ADSL Modem Unrestricted Remote Access code # # This script was written by Georges Dagousset <[email protected]> # # See the Nessus Scripts License for details # # Changes by Tenable: # - Revised plugin title, fixed VDB refs, enhanced description (1/28/2009) include("compat.inc"); if(description) { script_id(10760); script_version ("1.23"); script_cve_id("CVE-2001-1424"); script_bugtraq_id(2568); script_name(english:"Alcatel ADSL Modem Unrestricted Remote Access"); script_set_attribute(attribute:"synopsis", value: "The Alcatel modem can be accessed remotely." ); script_set_attribute(attribute:"description", value: "On the Alcatel Speed Touch Pro ADSL modem, a protection mechanism feature is available to ensure that nobody can gain remote access to the modem (via the WAN/DSL interface). This mechanism guarantees that nobody from outside your network can access the modem's management interface and potentially change its settings. The protection is currently not activated on your system. In addition, access was gained without providing a password, which is the default." ); script_set_attribute(attribute:"solution", value: "Telnet to this modem and adjust the security settings as follows : => ip config firewalling on => config save In addition, set a strong password on all accounts." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"see_also", value:"http://www.alcatel.com/consumer/dsl/security.htm" ); script_set_attribute(attribute:"plugin_publication_date", value: "2001/09/14"); script_set_attribute(attribute:"vuln_publication_date", value: "2001/04/11"); script_cvs_date("Date: 2018/06/27 18:42:25"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_end_attributes(); summary["english"] = "Checks Alcatel ADSL modem protection"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2001-2018 Alert4Web.com"); script_family(english:"Misc."); script_require_ports(23); exit(0); } include('global_settings.inc'); if ( ! thorough_tests && ! ereg(pattern:"^10\.0\.0\..*", string:get_host_ip())) exit(0); port = 23; # alcatel's ADSL modem telnet module can't bind to something else if(get_port_state(port)) { soc = open_sock_tcp(port); if(soc) { r = recv(socket:soc, length:160); if("User : " >< r) { send(socket:soc, data:string("\r\n")); r = recv(socket:soc, length:2048); if("ALCATEL ADSL" >< r) { s = string("ip config\r\n"); send(socket:soc, data:s); r = recv(socket:soc, length:2048); if("Firewalling off" >< r)security_hole(port); } } close(soc); } }