| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri Oct 14 18:40:33 2005 From: barrie at reboot-robot.net (Barrie Dempster) Subject: WRT54G directory trasversial vulnerability On Wed, 2005-10-12 at 16:36 -0400, Shell wrote: > I just found a vulnerability in Linksys WRT54G routers. > > http://192.168.1.1/apply.cgi?action=../ > > It loads the page after action > > http://192.168.1.1/apply.cgi?action=../ returns the setup page > http://192.168.1.1/apply.cgi?action=../blah returns that the file does not exist Confirmed, however authentication is required. Still a vulnerability in the system and worth patching though. It's worth noting that there is alternative firmware available for this device such as OpenWRT http://www.openwrt.org . -- With Regards.. Barrie Dempster (zeedo) - Fortiter et Strenue "He who hingeth aboot, geteth hee-haw" Victor - Still Game blog: http://reboot-robot.net sites: http://www.bsrf.org.uk - http://www.security-forums.com ca: https://www.cacert.org/index.php?id=3 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 1859 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051014/b77201d0/smime.bin
Powered by blists - more mailing lists