lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20030412161637.GA1211@worldbank.ro>
Date: Sat, 12 Apr 2003 19:16:37 +0300
From: Stefan Laudat <stefan@...ldbank.ro>
To: Branson Matheson <branson@...dborne.net>
Subject: Re: Medium Vulnerability in SNMP on Linsys BEFVP41



I'd kiss a frog if this was true. Actually  I use over 50 of these
toys in production and it would have made me very happy if I could use
SNMP from outside the external interface. No surprise for me that
the tech support did not respond on your emails, it's likely that
they're using outsourced software in their products, since I've 
had a nice discussion some time ago with one of their support
representative who didn't ever know what I was talking about when 
referring words like 'Crypto engine failure','isakmp' etc
I also have some bug issues open in their tech support, which
remained unanswered until today. What I know is they told me SNMP
is *not* usable from outside, and I've tested this for myself.
All filters were off, not blocking any wan request, remote management
on. 
Recently I've bought a new one which contains version 1.40.5,
still unreleased on the web site, so hang on for this release.
Once again, don't rely on their support (which is stinky), maybe
Cisco will fix this as they've bought them some weeks ago.


>   The MIB information available from the default 'public' community name on 
> the external interface of a Linksys VPN router includes information about 
> the hosts on the inside of the protected network including routes, hardware 
> addresses ( MAC ), and some configuration information. What is NOT 
> available include information about the VPN's configured, any preshared 
> keys, VPN routes, or endpoint IP's. 
> 

-- 
Stefan Laudat
CCNA & CCAI
-------------
Marriage is the only adventure open to the cowardly.
                -- Voltaire



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ