Sign-up

ID

VAR-200810-0530


TITLE

Telecom Italia Alice Router IP Packet Unauthorized Access Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2008-4976

DESCRIPTION

Telecom Italia is Italy's most important ISP, offering ADSL services called Alice. If the intranet user sends the following IP packet to the Alice router: 1) IP protocol number 2552) 8 bytes load size 3) The load is the first 8 bytes of the MD5 data after the br0 device MAC address is deformed 4) These modems The br0 has the same eth0 mac to activate the router's management interface and telnet/ftp/tftp service for unauthorized access. Multiple Telecom Italia routers are prone to an authentication bypass vulnerability that may allow attackers to gain access to a router's administration interface and unauthorized access to certain services. Successfully exploiting this issue will allow attackers to gain unauthorized administrative access to the affected device and activate services such as telnet, ftp, and tftp. The following routers are affected. AGA (Alice Gate2 plus Wi-Fi]) AGB (Alice Gate2 plus) AG2P-AG3 (AG2P-AG3[Alice Gate W2+) AGPV-AGPF (Alice Gate VoIP 2 Plus Wi-Fi). ---------------------------------------------------------------------- Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/ ---------------------------------------------------------------------- TITLE: Telecom Italia Alice Routers Magic Packet Security Bypass SECUNIA ADVISORY ID: SA32258 VERIFY ADVISORY: http://secunia.com/advisories/32258/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: >From local network OPERATING SYSTEM: Alice Gate2 Plus Wi-Fi http://secunia.com/advisories/product/17350/ Alice Gate VoIP 2 Plus Wi-Fi http://secunia.com/advisories/product/20162/ Alice Gate 2 Plus http://secunia.com/advisories/product/20160/ Alice Gate W2+ http://secunia.com/advisories/product/20161/ DESCRIPTION: saxdax and drpepperONE have reported a vulnerability in various Telecom Italia Alice routers, which can be exploited by malicious people to bypass certain security restrictions. SOLUTION: Restrict network access to the vulnerable device. PROVIDED AND/OR DISCOVERED BY: saxdax and drpepperONE ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2008-October/065050.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 0.9

sources: CNVD: CNVD-2008-4976 // BID: 31754 // PACKETSTORM: 70988

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2008-4976

AFFECTED PRODUCTS

vendor:telecommodel:italia group messengerscope:eqversion:0

Trust: 0.6

vendor:telecommodel:italia agpv-agpfscope:eqversion:0

Trust: 0.3

vendor:telecommodel:italia agbscope:eqversion:0

Trust: 0.3

vendor:telecommodel:italia agascope:eqversion:0

Trust: 0.3

vendor:telecommodel:italia ag2p-ag3scope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2008-4976 // BID: 31754

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2008-4976
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2008-4976
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2008-4976

THREAT TYPE

network

Trust: 0.3

sources: BID: 31754

TYPE

Access Validation Error

Trust: 0.3

sources: BID: 31754

EXTERNAL IDS

db:BIDid:31754

Trust: 0.9

db:SECUNIAid:32258

Trust: 0.7

db:CNVDid:CNVD-2008-4976

Trust: 0.6

db:PACKETSTORMid:70988

Trust: 0.1

sources: CNVD: CNVD-2008-4976 // BID: 31754 // PACKETSTORM: 70988

REFERENCES

url:http://secunia.com/advisories/32258/

Trust: 0.7

url:http://www.telecomitalia.com/

Trust: 0.3

url:/archive/1/497312

Trust: 0.3

url:http://secunia.com/advisories/product/20162/

Trust: 0.1

url:http://secunia.com/binary_analysis/sample_analysis/

Trust: 0.1

url:http://secunia.com/advisories/product/20161/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/product/17350/

Trust: 0.1

url:http://secunia.com/advisories/product/20160/

Trust: 0.1

url:http://lists.grok.org.uk/pipermail/full-disclosure/2008-october/065050.html

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2008-4976 // BID: 31754 // PACKETSTORM: 70988

CREDITS

saxdax & drpepperONE.

Trust: 0.3

sources: BID: 31754

SOURCES

db:CNVDid:CNVD-2008-4976
db:BIDid:31754
db:PACKETSTORMid:70988

LAST UPDATE DATE

2022-05-17T01:49:21.191000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2008-4976date:2008-10-14T00:00:00
db:BIDid:31754date:2008-10-16T20:57:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2008-4976date:2008-10-14T00:00:00
db:BIDid:31754date:2008-10-14T00:00:00
db:PACKETSTORMid:70988date:2008-10-16T22:55:58