lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 10 Jan 2013 15:57:30 +0100
From: DefenseCode <defensecode@...ensecode.com>
To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: DefenseCode Security Advisory (UPCOMING): Cisco
 Linksys Remote Preauth 0day Root Exploit

DefenseCode Security Advisory (UPCOMING): Cisco Linksys Remote Preauth 
0day Root Exploit

Story behind the vulnerability...

Months ago, we've contacted Cisco about a remote preauth (root access) 
vulnerability
in default installation of their Linksys routers that we've discovered. 
We gave them
detailed vulnerability description along with the PoC exploit for the 
vulnerability.

They said that this vulnerability was already fixed in latest firmware 
release...
Well, not this particular vulnerability, since the latest official 
Linksys firmware -
4.30.14, and all previous versions are still vulnerable.

Exploit shown in this video has been tested on Cisco Linksys WRT54GL, 
but other
Linksys versions/models are probably also affected.
Cisco Linksys is a very popular router with more than 70,000,000 routers 
sold.
That's why we think that this vulnerability deserves attention.

According to our vulnerability disclosure policy, the vulnerability 
details will be
disclosed in following 2 weeks on http://www.defensecode.com/ , BugTraq and
Full Disclosure.
Due to the severity of this vulnerability, once again we would like to 
urge Cisco
to fix this vulnerability.

The vulnerability is demonstrated in the following video:
http://www.youtube.com/watch?v=cv-MbL7KFKE&hd=1

Kind Regards,
DefenseCode LTD.
E-mail: defensecode[at]defensecode.com
Website: http://www.defensecode.com
Advisory URL: 
http://www.defensecode.com/article/upcoming_cisco_linksys_remote_preauth_root_exploit-33

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ