lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <201307081607.r68G7dIo022495@sf01web1.securityfocus.com>
Date: Mon, 8 Jul 2013 16:07:39 GMT
From: doylej.ia@...il.securityfocus.com
To: bugtraq@...urityfocus.com
Subject: Authentication bypass in D-Link devices (session cookies not
 validated)

Vendor: D-Link
Affected Products:
-DIR-505L SharePort Mobile Companion (HW: A1 / FW: 1.01)
-DIR-826L Wireless N600 Cloud Router (HW: A1 / FW: 1.02)
Vendor Notification: April 8, 2013
Public Disclosure: July 8, 2013
Vulnerability Type: Authentication Bypass
CVE Reference: CVE-2013-4772
Solution Status: Not Fixed
Credit: Jason Doyle / tw: jasond0yle

Advisory Details:
It is possible to bypass authentication to gain administrator level access to the web management console by navigating directly to any web page while a legitimate session is still active. During this window of opportunity, session cookies are not validated and an attacker with or without a session cookie can gain unfettered access to view and change all configurable settings on the device, including the addition / modification of user accounts for persistent access. This is not possible once a legitimate session has expired.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ