Nortel warns of three VPN Router product flaws
Nortel this week warned of several backdoors, and other flaws, in its VPN and secure routing products that could allow unauthorized remote access to an enterprise network.
User accounts used for diagnostics on Nortel VPN routers (formerly known as Contivity) could be used to gain access to a corporate VPN. In another potential vulnerability, unauthorized remote users could also gain administrative access to a VPN router through a Web interface. A third vulnerability could result in someone cracking users' VPN passwords.
[ Read more ]