lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 31 May 2004 12:51:41 -0400 From: "Alan W. Rateliff, II" <lists@...eliff.net> To: <bugtraq@...urityfocus.com> Subject: LinkSys WRT54G administration page availble to WAN Manufacturer: LinkSys (a division of Cisco) Product: Wireless-G Broadband Router Model: WRT54G Product Page: http://www.linksys.com/products/product.asp?grid=33&scid=35&prid=601 Firmware tested: v2.02.7 In a recent client installation I discovered that even if the remote administration function is turned off, the WRT54G provides the administration web page to ports 80 and 443 on the WAN. The implications are obvious: out of the box the unit gives full access to its administration from the WAN using the default or, if the user even bothered to change it, an easily guessed password. I reported this to LinkSys (along with a number of other non-security related issues) on April 28. I received no reponse addressing this, and no updated firmware has yet appeared on their firmware page http://www.linksys.com/download/firmware.asp?fwid=201 To work around this, you can use the port forwarding (irritatingly renamed to Games and whatever) to send ports 80 and 443 to non-existant hosts. Note that forwarding the ports to any hosts -- inluding listening ones if you are actually running servers -- will override the default behavior. On a personal note, there are a number of reasons for which I am thoroughly disappointed with LinkSys since the acquisition by Cisco. For the sake of what was once a rock-solid product and great brand name, I hope things change soon. -- Alan W. Rateliff, II : RATELIFF.NET Independent Technology Consultant : alan2@...eliff.net (Office) 850/350-0260 : (Mobile) 850/559-0100 ------------------------------------------------------------- [System Administration][IT Consulting][Computer Sales/Repair]
Powered by blists - more mailing lists