| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Oct 2004 19:59:05 +0200 From: "Ivan Casado" <casadoi@...com> To: <bugtraq@...urityfocus.com> Subject: More details on BID 11408 (3com 3cradsl72 wireless router) Hi, I'm writing regarding BID 11408. I have this router at home for my ADSL connection. The software versions of my router are: Runtime Code Version 1.05 (Jan 27 2004 14:58:25) Boot Code Version V1.3d Hardware Version 01A ADSL Modem Code Version 13.9.38 (taken from http://192.168.2.1/index.stm) Under this environment I describe the URL http://192.168.2.1/app_sta.stm described in this BID not only discloses some critical information. After I accessed this URL I could access the rest of the administrative web interface of the router and view/change any parameter (WEP keys, IP addresssing, firewall rules, dhcp server configuration....). After I access this URL the router considers that I´m authenticated. The router allows to configure if the router can be administered from the external interface (internet). As a workarround users should turn off this option. This restricts the vulnerability to internal only users, then considering that this is a Wireless router the highest level of protection should be used in the wireless configuration. I recommend using WPA-PSK and deactivating the ESSID Broadcast option. Kind regards, Ivan Casado Ruiz
Powered by blists - more mailing lists