[Full-Disclosure] Re: backdoor menu on conexant chipset dsl router (Zoom X3)

[Adam Laurie <adam@xxxxxxxxxxxxx>]

duke_skillz@xxxxxxx wrote:
> Citando Adam Laurie <adam@xxxxxxxxxxxxx>:
>
>
> > i have just installed an adsl modem sold under the brand of Zoom X3
> >
> >   http://www.zoom.com/products/adsl_overview.html
> >
> > and was apalled to find that an nmap scan of the external address
> > immediately came up with the following:
> >
> >   PORT    STATE SERVICE
> >   23/tcp  open  telnet
> >   80/tcp  open  http
> >   254/tcp open  unknown
> >   255/tcp open  unknown

[ snip ]

> Someone please correct me if im wrong but i found reports of this issue that go
> back to October 2003 ( http://www.securityfocus.com/bid/8765/ ) from reasearch
> i found that the prob is in the Conexant CX82310-14 chipset with firmware
> 3.21...

this is a completely different problem. full details here:

  http://www.securityfocus.com/archive/1/340248

however, it seems the open ports problem been known about since at least 
May as i've now found reference to it here:

  http://www.adslguide.org.uk/newsarchive.asp?item=1657

cheers,
Adam
--
Adam Laurie                   Tel: +44 (20) 8742 0755
A.L. Digital Ltd.             Fax: +44 (20) 8742 5995
The Stores                    http://www.thebunker.net
2 Bath Road                   http://www.aldigital.co.uk
London W4 1LT                 mailto:adam@xxxxxxxxxxxxx
UNITED KINGDOM                PGP key on keyservers

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html