[CALUG] Cable Modem Security Issue

Daniel Deighton ddeighton at aplura.com
Thu Oct 22 22:19:41 EDT 2009


I, for one, really appreciate this type information (especially when it
is security related).  As far as I know, Time Warner and/or Road Runner
have zero presence in Maryland, but this is really interesting and
useful information regarding a major ISP.  It is always amazing that
such a glaring security issue made it to market.  Where is the quality
control and application audit process?



Daniel Deighton
Partner - Aplura, LLC
ddeighton at aplura.com

On Thu, 2009-10-22 at 20:53 -0400, Ben W wrote:
> As I'm new to the list I'm not sure if this is appropriate since it's
> not *nix related, I'm new to the area I'm not sure if Time Warner even
> has presence in the local bandwidth market. However, if anyone is a
> Time Warner or Road Runner customer using the SMC8014 model modem you
> should be aware that David Chen recently alerted the community to a
> major flaw in the device. A user can access all of the modems
> administrative functions by simply disabling javascript in their web
> browser and connecting to the device.
> As always if this is a misuse of the list please let me know, I'm new,
> but as this is now showing up on numerous blogs I'm sure there'll be
> scriptkiddies pounding away at it and figured I'd toss a line.
> Thanks much
> For ZeroDay's article
> http://blogs.zdnet.com/security/?p=4702
> _______________________________________________
> CALUG mailing list
> CALUG at unknownlamer.org
> http://lists.unknownlamer.org/listinfo/calug

More information about the CALUG mailing list