lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1070520114.3714.17.camel@tantor.nuclearelephant.com>
From: jonathan at nuclearelephant.com (Jonathan A. Zdziarski)
Subject: [Fwd: Bugtraq: Linksys WRT54G Denial of
	Service Vulnerability]

In a lot of cases, this would only be exploitable internally, since many
configurations are set up not to allow access to the unit externally. 
But in any case, there are a lot of other ways to DoS these little
residential boxes.  Running macof (part of the dsniff package) will
effectively shut down all traffic on the network.  I'm sure arpspoof
without forwarding would do the same thing.  I'm surprised these things
don't support something as basic as SSL for authentication (at least the
model I've got doesn't)

On Wed, 2003-12-03 at 23:42, Michael Renzmann wrote:
> Can anyone confirm if technically identical devices such as the Buffalo 
> WBR-G54 share this vulnerability?



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ