Open Source and information security mailing list archives
 
Message-ID: <3F55F9FA.000005.01144@alexander>
From: alexander.mueller at electronic-security.de (Alexander Müller)
Subject: SMC7004VB sensitive information leak

:: Advisory
 
Vulnerable: SMC7004VB sensitive information leak
Found: July 25th 2003
Vendor: SMC
Vendor notified: August 15th 2003
Vendor response: Answered but is on vacation.
Public release: August 31st 2003
 
Vulnerability:
 
An incorrect configuration in the SMC7004VB router allows you
to steal usernames and passes.
You can also use the IP without spoofing.
 
Some days ago, I scanned the IP of a team member and LANguard
detected an installed proxy.
I tried to visit the homepage of this proxy...
But there was none. I used the proxy and opened the page again.
I saw a login script and tried some passes (username isn't required).
I tested some passes but the proxy didn't block.
Therefore I started a brute-force attack and after this I
noticed that the proxy did not block after thousands of passes.
I aborted this test.
 
That was the proof that you can get the pass with a stupid
working attack.
 
Alexander Müller
Electronic Security
www.Electronic-Security.de
 
Thanks to: mo (Kryptocrew.de), Fabian Becker (Electronic Security)
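
The missing control the advisory describes, as an added example that is not part of the original message and not SMC's firmware: a failed-login throttle for a password-only admin page, with per-source exponential backoff and an overall failure cap. All names, limits and addresses below are assumptions chosen for illustration; the overall cap is included because with no username there is nothing else to key a lockout on when guesses arrive from many addresses.

```python
import time

class LoginThrottle:
    """Failed-login throttle for a password-only admin page (no username to key on)."""

    def __init__(self, free_attempts=3, base_delay=2.0, max_delay=900.0,
                 global_limit=20, global_window=60.0, clock=time.monotonic):
        self.free_attempts, self.base_delay, self.max_delay = free_attempts, base_delay, max_delay
        self.global_limit, self.global_window, self.clock = global_limit, global_window, clock
        self._per_source = {}       # source address -> (consecutive failures, blocked_until)
        self._recent_failures = []  # timestamps of recent failures from any source

    def allowed(self, source):
        """True if a password submitted by `source` may be checked right now."""
        now = self.clock()
        self._recent_failures = [t for t in self._recent_failures
                                 if now - t < self.global_window]
        if len(self._recent_failures) >= self.global_limit:
            return False            # too many failures overall: distributed guessing
        return now >= self._per_source.get(source, (0, 0.0))[1]

    def record(self, source, success):
        """Record the outcome of a password check that allowed() permitted."""
        now = self.clock()
        if success:
            self._per_source.pop(source, None)
            return
        failures = self._per_source.get(source, (0, 0.0))[0] + 1
        delay = 0.0
        if failures > self.free_attempts:
            # Double the wait per extra failure; cap the exponent and the delay.
            doublings = min(failures - self.free_attempts - 1, 20)
            delay = min(self.base_delay * 2 ** doublings, self.max_delay)
        self._per_source[source] = (failures, now + delay)
        self._recent_failures.append(now)

def simulate(attempts=5000, interval=1.0):
    """Constructed run: one source sends a wrong password every `interval` seconds."""
    now = [0.0]
    throttle = LoginThrottle(clock=lambda: now[0])
    evaluated = 0
    for _ in range(attempts):
        if throttle.allowed("192.0.2.10"):   # documentation address, constructed
            evaluated += 1
            throttle.record("192.0.2.10", success=False)
        now[0] += interval
    return evaluated   # guesses the login code actually checked
```

With these assumed limits, 5000 wrong passwords sent one per second from a single address result in 17 password checks; the rest are refused before the password is compared.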

