Alcatel Information for VU#211736

Alcatel ADSL modems grant unauthenticated TFTP access via Bounce Attacks

Status

Affected

Vendor Statement

Alcatel has published a statement regarding these issues at:

    http://www.alcatel.com/consumer/dsl/security.htm

    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Vendor References

    None

    Addendum

    The CERT/CC believes that the following devices are affected by this vulnerability

    - Alcatel Speed Touch Home ADSL Modem
    - Alcatel 1000 ADSL Network Termination Device

    If you have feedback, comments, or additional information about this vulnerability, please send us email.