Date: Wed, 12 Feb 2014 16:34:34 -0500
From: kyle Lovett <krlovett@...il.com>
To: bugtraq <bugtraq@...urityfocus.com>
Subject: Re: ASUS RT Series Routers FTP Service - Default anonymous access

Correction: I meant to say 2013, not 2012. I apologize for the error.

On Wed, Feb 12, 2014 at 4:29 PM, kyle Lovett <krlovett@...il.com> wrote:
> Five ASUS RT series routers suffer from a vendor vulnerability that
> defaults the FTP service to anonymous access with full read/write permissions.
> The service, which is activated from the administrative console, does
> not give proper instructions or indications that the end user needs
> to manually add a user to the FTP access table.
>
> The vendor was first alerted to this issue in late June of 2012, and
> then four other times officially from July 2012 to December 2012. It
> was not until January of this year, when the editors for the Norwegian
> publication IDG/PC World went to ASUS that any official response came.
>
> This vulnerability has been exploited aggressively for some time now,
> and as a rolling count which has been kept ongoing since July 2012,
> over 30,000 unique IP addresses, at one time or another, have had their
> FTP service shared.
>
> The FTP service, when not secured, allows for full read/write access
> to any external storage devices attached to the USB drives on the
> router.
>
> The vendor has issued an official (beta) patch for the RT-AC68U as of
> mid-January, and plans on additional patches in the coming week.
>
> Models Include:
>
> RT-AC68U
> RT-AC56U
> RT-AC66U
> RT-N66U
> RT-N16
>
> CWE-287: Improper Authentication
> CVSS v2 Vector (AV:N/AC:L/Au:N/C:C/I:C/A:N/E:H/RL:OF/RC:C)
>
> CVSS Base Score 9.4
> Impact Subscore 9.2
> Exploitability Subscore 10
> CVSS Temporal Score 8.2
> Overall CVSS Score 8.2
>
> Many have reported malware being uploaded into the sync share folders,
> large amounts of unauthorized file sharing and most importantly the
> theft of entire hard drives of personal information. Over 7,300 units
> are still vulnerable to this weakness as of today.
>
> It is strongly urged that those with any of the above routers check to
> ensure that their FTP service has been secured.
>
> Links:
> https://www.asus.com/Networking/RTAC68U/#support
> http://www.idg.no/pcworld/article281004.ece
> http://www.thinkbroadband.com/news/6229-new-asus-router-firmware-to-fix-ftp-security-issue.html
> http://www.pcworld.com/article/2087180/asus-simplifies-router-configuration-to-protect-external-hard-drives.html
>
> Research Contact - Kyle Lovett
> Discovered - June, 2012
