
SecurityTracker
Archives




Category:   Device (Router/Bridge/Hub)  >   Ericsson Modem
Vendors:   Ericsson
(Vendor Clarifies) Re: Ericsson ADSL Modem Web Management Interface Grants Access to Any Remote User
SecurityTracker Alert ID:  1006170
SecurityTracker URL:  http://securitytracker.com/id/1006170
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Feb 26 2003
Impact:   Root access via network
Vendor Confirmed:  Yes  
Version(s): Model HM220dp
Description:   An authentication vulnerability was reported in the Ericsson HM220dp ADSL Modem. A remote user can access the device via the web-based interface.

It is reported that the device's web interface does not and cannot authenticate remote users. In some versions, the web administration page may only be accessible via the local area network (LAN).

The vendor notes that the device cannot be managed from the WAN side interface. The vendor has also clarified that the vulnerability is only present when the device is configured in Routed mode (and not Bridged mode operation).

Impact:   A remote user can access the web management interface.
Solution:   No solution was available at the time of this entry.

The vendor plans to issue a maintenance release on March 15, 2003 to correct this flaw.

The vendor has indicated that users who have experienced a service interruption due to this vulnerability can perform a factory reset to return to the initial configuration settings. The steps are reportedly described in the user manual.

Vendor URL:  www.ericsson.com/homeproducts/broadbandmodem/adsl_hm220d_spec.shtml
Cause:   Authentication error

Message History:   This archive entry is a follow-up to the message listed below.
Feb 11 2003 Ericsson ADSL Modem Web Management Interface Grants Access to Any Remote User



Source Message Contents

Subject:  RE: Ericsson HM220dp ADSL modem Insecure Web Administration Vulne


On behalf of Peter Linder, Technical Director, Ericsson Ethernet Broadband Access:


On February 11 a report was issued on BugTraq related to Ericsson's DSL modem HM 220.
The initial report included some statements that could be misinterpreted and in order to avoid
any further confusion on this subject we would like to provide the following clarifications.

Ericsson hm220 is a flexible ADSL modem targeting the residential market.
For small offices Ericsson recommend hm230 (standard ADSL), hn310 (ADSL Annex J
support 3Mbps upstream) and hn800 (SHDSL) which has a feature set that is targeted towards
the small business customers' needs.

hm220 can be operated in two modes, bridged and routed mode. There is no possibility to remotely
manage the modem from the WAN side in neither of these two modes. It is possible to perform local
administration routines from a PC connected to the LAN side of the modem but that option is restricted
to the Routed mode only. No such options exist for the products configured for Bridged mode operation.

Ericsson have scheduled a maintenance release for March 15 for the hm220 software that will eliminate
any risk for access to the modem being manipulated from the LAN side.

Any end-user experiencing service interruption through unwanted actions from the PC towards the modem
can perform a factory reset, which is described in the user manual, which will return all initial installations.

All Ericsson ADSL modems launched after the hm220 have an increased security feature set for residential 
as well as small business users and the indication that other products in the hm and hn product families 
would be vulnerable is not correct.


Peter Linder
Technical Director, Ethernet Broadband Access

Business Unit Systems
Ericsson AB
Phone: + 46 8 719 2974
e-mail: peter.linder@ericsson.com







Copyright 2021, SecurityGlobal.net LLC