Security Alert! Adelphia's Cable Modems Compromised!

[LordRaiden]

Slashdot has posted a notice that everyone using Adelphia's cable modems should be fully aware of. It seems that someone has figured out how to exploit an apparent weakness in the Adelphia cable modems. This allows anybody on the service to spy on anybody else's connection, even encrypted and secure transmissions, modify other users internet packets in realtime, and much more.

Bugtrac first reported this problem but no fix is yet available. Please be aware of this. Please keep an eye out should you have one of these modems or the Adelphia internet service.

Please check in with Bugtrac and Security Focus for all future updates and announcements about this.

 

[JackMDS]

Is this bug would pass a Firewall?

 

[Santa]

I guess the fact that the internal cable network is a big broadcast domain because of the hub use or switch in hub mode use then it doesn't matter whether you are behind a real firewall / NAT or just plain exposed your traffic is hijackable via some methods such as the ARP poisoning.

Once the arp cache (in the modem itself) has been poisoned with the hacker's machine as the target there isn't anything you can do really. Your modem/gateway would think its doing what its supposed to by sending to the middle man.