| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20090206170154.07cc41e9.rembrandt@jpberlin.de>
Date: Fri, 6 Feb 2009 17:01:54 +0100
From: rembrandt <rembrandt@...erlin.de>
To: full-disclosure@...ts.grok.org.uk
Subject: Security contacts at Netgear and/or D-Link? (DoS,
pos. default PWs and other issues)
Is somebody aware of security contacts at Netgear or D-Link?
Products of those vendors do suffer from possible DoS, propably default
hardcoded root accounts (D-Link) and other issues.
Timeline:
ZDI:
Case Opened 2009-01-18 04:24 GMT-6
Case Closed 2009-01-19 14:12 GMT-6
"We are not interested in vulnerabilities affecting D-Link at this
time."
Case Opened 2008-12-28 07:57 GMT-6
Case Closed 2009-01-15 17:01 GMT-6
"After some deliberation we have unfortunately decided that we won't be
accepting bugs affecting NetGear products."
Contacting mitre.org, asking for CVE and a contact at D-Link:
Mo, 2.02.2009, 13:01
Contacting mitre.org and NetGear asking for CVE and contact:
Mo, 2.02.2009, 12:55
pressrelations@...gear.com (OSVDB entry in the contact field)
coley@...us.mitre.org (cc, found by googling)
No replies so far.
Maybe NetGear and D-Link could consider to work together with the OSVDB
to enter at least some valid contact data.
Somebody interested into Router issues (and no it's no xss...)?
The vendor itself seam to not to care about their customers or security...
Kind regards,
Rembrandt
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists