Alcatel ADSL-Ethernet bridge Vulnerabilities

Executive Summary

Multiple vulnerabilities exist in the Alcatel Speed Touch ADSL "modem."
These vulnerabilities can allow an intruder to take complete control of the device.
There is no way for the end user to disable these "features."

A malicious attacker can:

• Render the device inaccessable
• Disable the device, temporarily or permanently (requiring return to the manufacturer)
• Install malicious code, such as a network sniffer for monitoring local LAN traffic or denial-of-service tools. agent.

These vulnerabilities are the result of:

• A "backdoor" allowing access to the system without any authentication even if the user has changes passwords on the device
• A tftp server which (by definition) does not require authentication. This server can be used to discover and change passwords.
• Lack of integrity checking/authentication on firmware installs.

For more information, see this SDSC advisory

(Speed Touch is a trademark of Alcatel.) `