backdoors from sercomm.. reincarnation in new equipment .
http://www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf
In two words: the old way the remote root is not working, though the same shit is executing now from another binary being knocked by special packet types.
BTW: These ppl from sercomm supply equipment that is rebranded by other vendors. I.e. cisco. More details in the paper.
Hope some one will sue them for reintegration of the "already fixed" backdoor.
The presentation was noted on rsdn security.
In two words: the old way the remote root is not working, though the same shit is executing now from another binary being knocked by special packet types.
BTW: These ppl from sercomm supply equipment that is rebranded by other vendors. I.e. cisco. More details in the paper.
Hope some one will sue them for reintegration of the "already fixed" backdoor.
The presentation was noted on rsdn security.