| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Jul 2005 14:15:08 +0200 From: Roman Daszczyszak <romandas@...il.com> To: bugtraq@...urityfocus.com Subject: Re: several vulnerabilities present in Belkin wireless routers I can't comment on the Belkin stuff. As for Cisco IIRC, telnet is enabled by default, however it doesn't allow anyone to log in unless a telnet password is set on the vty lines and the login command is configured as well, and those are not set by default. So, you can certainly use a telnet exploit against them because the port is open, but you're not going in via the non-existant password. Regards, Roman Daszczyszak ---------- Original message ---------- From: steven.salaets@...driver.com To: bugtraq@...urityfocus.com Date: 20 Jul 2005 08:58:29 -0000 Subject: Re: Re: several vulnerabilities present in Belkin wireless routers What I wonder is: How much of a security threat is this? Are we not talking about default settings here? How secure is a linksys or cisco AP out of the box? As far as I recall Cisco also enables telnet by default and if you Google for a default administrative password for any network device it won't take you 5 minutes to find it. -Steven
Powered by blists - more mailing lists