| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <000301c6fd1d$0ad46b50$6502a8c0@zionsecutiy> Date: Tue, 31 Oct 2006 18:27:21 +0200 From: "LegendaryZion" <moskito@...le.net.il> To: <bugs@...uritytracker.com>, "BugTraq" <bugtraq@...urityfocus.com>, <news@...uriteam.com>, <full-disclosure@...ts.grok.org.uk> Subject: Directory listing on B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD" ·= Security Advisory =· Issue: B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD" Discovered Date: 02/10/2006 Author: Tal Argoni, LegendaryZion. [talargoni at gmail.com] Product Vendor: http://www.inoviatele.com/ Details: B-FOCuS Wireless Router is prone to a directory listing Vulnerability. The vulnerability exists in Web-Based Management , caused by the lack of poor configuration. Exploitation URL: http://target/html/defs/ Successful exploitation allow viewing the router files and configuration files. Proof Of Concept: http://target/html/defs/ Thanks, Tal Argoni, CEH www.zion-security.com
Powered by blists - more mailing lists