[Discuss] Remote Vulnerabilities :: Linksys WRT54G routers

bernd essl (spam-protected)
Mi Sep 21 19:56:03 CEST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Linksys WRT54G Wireless Router Multiple Remote Vulnerabilities
BugTraq ID: 14822
Remote: Yes
Date Published: 2005-09-13
Relevant URL: http://www.securityfocus.com/bid/14822
Summary:
Multiple vulnerabilities have been identified in Linksys WRT54G
routers. These issue all require that an attacker have access to
either the wireless, or internal LAN network segments of the affected
device. Exploitation from the WAN interface is only possible if the
affected device has remote management enabled.

This issue allows attackers to:
- - Download and replace the configuration of affected routers.
- - Execute arbitrary machine code in the context of the affected device.
- - Utilize HTTP POST requests to upload router configuration and
firmware files without proper authentication
- - Degrade the performance of affected devices and cause the Web server
to become unresponsive, potentially denying service to legitimate users.

lg bernd
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDMZ6yoFnowMZmc58RAqi/AJ9pPRr32YPWbodCqM+hUNvSvk7SgwCfUZlI
VLrxIPX4OQ7O7hQ5V8bLme8=
=M4cj
-----END PGP SIGNATURE-----




Mehr Informationen über die Mailingliste Discuss