Security flaw found in Alcatel DSL modems

Corey Grice, CNET News.com

Published: 11 Apr 2001 08:55 BST

Computer industry security experts believe they have discovered a vulnerability in certain high-speed modems manufactured by French communications equipment giant Alcatel.

Though only theoretical so far, the problem makes the devices potentially vulnerable to malicious hacker attacks.

The security problems could allow a hacker to bypass users' passwords and alter the devices, making them temporarily or permanently unusable, researchers said. A hacker also could potentially install code to gather unencrypted credit card information or read unencrypted email messages, investigators said.

Researchers at the San Diego Supercomputer Center, a unit of the University of California at San Diego, published details of their findings in a security advisory Monday night. The Computer Emergency Response Team (CERT), a computer security organisation based at Carnegie Mellon University, followed with a similar alert Tuesday. Another author of the alert was Tsutomu Shimomura, a well-known security researcher and co-author of Takedown, on the arrest of hacker Kevin Mitnick.

"Our purpose here is not to beat up Alcatel... but we thought there were enough weaknesses here that we wanted to alert people," said Tom Perrine, manager of security technologies at the San Diego Supercomputer Center and one of the primary researchers who discovered the apparent flaws.

According to these organizations, two models -- Alcatel's Speed Touch Home ADSL modem and the Alcatel 1000 Network Termination Device, which are among the most popular broadband modems -- could allow a hacker to remotely install new "firmware", the software embedded within the modems.

Exploiting the modems' vulnerabilities could lead to "unauthorised access, unauthorised monitoring, information leakage, denial of service, and permanent disability of affected devices," CERT said.

For its part, Alcatel said it is working with US researchers to determine the extent of the problems.

"Our engineers are in discussions with CERT and the San Diego Supercomputer Center to try to determine what the problem is and, if there is a problem, what to do about it," said Alcatel spokesman Brian Murphy.

The French media has picked up on the issue already. In response, Alcatel posted a statement on its corporate Web site suggesting that customers install a firewall. Firewalls, implemented in hardware, software or a combination of the two, are designed to protect a network by blocking unwanted or malicious traffic.

At issue, according to Alcatel's Web site, is a feature that is intended to allow communications service providers to remotely upgrade the software within their customers' modems.

The modems include protections designed to keep intruders out, but the modem owner must deactivate these protections to allow a software upgrade. Hackers are capable of remotely deactivating these protections, leaving the modem vulnerable unless used in conjunction with a firewall, Alcatel said.

The popularity of Alcatel's modems increases the significance of the security concern.

SBC Communications, the top DSL provider in the United States, and BellSouth, another of the nation's major local phone providers, are two customers of Alcatel's broadband modems, Alcatel's Murphy said.

In November, the company said that more than 1.3 million Alcatel DSL modems were in use worldwide. In addition, a February study by market research firm Dell'Oro Group pegged Alcatel as the world's number one DSL modem maker with a 34.9 percent market share. About 1.6 million people use an Alcatel DSL modem worldwide, Dell'Oro said.

Despite the wide use of the vulnerable technology, researchers admit the Alcatel modem problems are arcane and are unlikely to be widely exploited.

"Admittedly, not everyone is going to wake up tomorrow with new firmware in their modem," Perrine said.

Perrine, who said his team was able to gain access to the modems within about three days, estimates a hacker could do the same in about two weeks. "We started talking to [the modem] and it started spilling its guts," he said.
