Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 APP:CONEXANT-LOGIN

Severity

 Minor

Recommended

 No

Category

 APP

Keywords

 Conexant Chipset DSL Router Default Login

Release Date

 2004/10/27

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

MISC: Conexant Chipset DSL Router Default Login


This signature detects a default blank login to a DSL router based on the Conexant chipset. Attackers can supply a blank password on a secret port to modify the router settings.

Extended Description

The authentication mechanism used by the Conexant AccessRunner DSL Console can be bypassed. This could allow a remote user to access the device's configuration settings. ** The discoverer of this issue has reported that it may not be present in some devices. There is currently no known reason for why some devices are vulnerable while others are not. This record will be updated if and when further details become available.

Affected Products

  • Conexant accessrunner_dsl_console 3.21.0

References

  • BugTraq: 8765
  • CVE: CVE-2004-0680
  • URL: http://www.chiark.greenend.org.uk/~theom/security/origo.html
  • URL: http://www.security.nnov.ru/search/document.asp?docid=6453

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out