In-Reply-To: <5.1.1.5.0.20030213100935.02108210@mail.varberg.se>

> Not according to my contacts at Ericsson. The vulnerability is limited to
> one batch of 6000 modems delivered to the Italian market, which is bad
> enough! The entire 220 series was discontinued in 2001.

It may be that the 220 series was discontinued in 2001, but according to a former press release Ericsson did in fact deliver more than 200.000 modems (HM220dp and HM120dp) to Telecom Italia:
http://www.ericsson.com/about/publications/contact/arc/cont11_01/brief.shtml

Additionally, the hm220, in bridged mode though, has been distributed by a telco in Denmark until recently (3 months ago).

However and as previously mentioned by Davide Del Vecchio, when operated in "Bridged mode", which is the primary option for the traditional Telecom operators, who have bought the lion's share of all units shipped, users are not affected.

Further, the security issue is not possible to cause from the WAN side of the modem and requires manipulation of user devices on the LAN side in order to occur, as mentioned by Davide Del Vecchio. As such the impact on the end-user is narrowed down to a temporary disturbance to their DSL service and it can easily be solved by doing a factory reset of the modem, according to the process described in the manual.

> >Solution:
> >Ericsson has been contacted months ago but it's not still providing an
> >updated firmware version that could prevent the problem ignoring it.

As the vulnerability only affects operation in "Routed Mode", I can inform that Ericsson will shortly develop a new firmware release for the end-users operating the device in Routed mode, and it goes without saying that this new firmware version will eliminate the problem permanently for any mode of operation.

Regards
John Joergensen
Safe2day.dk