Message-ID: <8D94A1E7E82F42F68A9B9EA29CA4FE48@gw1>
Date: Sat, 13 Oct 2007 00:15:47 +0300
From: "Valery Marchuk" <tecklord@...uritylab.ru>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Re: gnucitizen bt home hub latest,
	attacks wide spread, outages reported

> gnucitizen may be responsible for bt being under a massive attack right
> now.
Oh my God, people stop talking nonsense!


Have you seen the video provided by gnucitizen.org with a demonstration of
this attack or read the vulnerability description?

The guy sends a link to the victim, the victim visits this link and bam, we see the
IP address of the router (there are many ways to get this information. I'm
not familiar with BT products, so I won't try to guess which way was used).
Then we see how the attacker is trying to get access to the device via the web
interface, then we see an authentication dialog, which is bypassed via a
default password or through a bug in the authentication mechanism. That's it.



Best regards,
Valery Marchuk
www.SecurityLab.ru

----- Original Message ----- 
From: "worried security" <worriedsecurity@...glemail.com>
To: <full-disclosure@...ts.grok.org.uk>
Sent: Friday, October 12, 2007 7:15 PM
Subject: [Full-disclosure] gnucitizen bt home hub latest, attacks wide
spread,outages reported


> gnucitizen 0day concerning bt home hub router firmware is vulnerable to
> attack.
>
> bbc radio 1's newsbeat program has been reporting today that customers
> can't connect to the internet.
>
> bbc radio 1 is a national and international radio station.
>
> i tried to look on the bbc radio 1 newsbeat site but they haven't put an
> online version of the report online.
>
> they didn't say gnucitizen on the radio but they said a group.
>
> they said bt customers have been reporting problems with their bt home hub
> and the report said bt are denying it's connected with the security group's
> disclosure.
>
> this is very interesting but there is very little online about it, even
> from the bbc, who have been reporting on it via bbc radio 1 at 16:30pm
> (UK GMT) today.
>
> i urge people to investigate.
>
> gnucitizen may be responsible for bt being under a massive attack right
> now.
>
> the media can phone up bbc radio 1 newsbeat and ask for a copy of the
> report to be put online.
>
> i think they should.
>
> the bbc radio 1 shouldn't give reports like that without putting it
> online.
>
> should gnucitizen get into trouble or should we not blame the researchers
> and only the script kids who have brought down bt today?
>
> bbc radio 1 is a music station and the news reports are just top of the
> hour news flashes lasting about 5 minutes.
>
> they didn't repeat the report at 17:00pm GMT today, but maybe they will
> repeat it in their 17:45pm GMT news update?
>
> i'm sorry i don't have a link, but there isn't one online, UNBELIEVABLE
> for the bbc, they are usually good at standards.
>


--------------------------------------------------------------------------------


> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/ 
