COMMAND

    Netopia

SYSTEMS AFFECTED

    Netopia ISDN Router

PROBLEM

    This vulnerability was discoverd by Bok.  Further investigation by
    Andrew  Wellington  (aka  proton).   The  system logs (both device
    history  and  WAN  history)  can  be  read  from the telnet prompt
    without logging into the system.

    The logs of the router can be viewed from the telnet login  screen
    by pressing a  certain key combination.   To access the  WAN event
    log type Ctrl-F at the login screen and to access the device event
    log type Ctrl-E at the login screen.

    Access to  these logs  may allow  access to  sensitive information
    such as usernames or passwords to an arbitary internet user.

SOLUTION

    This problem has been a known issue for some time and was resolved
    in Netopia firmware version 4.3.5.