[Eug-lug] Recent report of vulnerabilities in Linksys WRT54G
routers
Allen Brown
abrown at peak.org
Mon Mar 24 18:54:19 PDT 2008
> Since recent discussion on this list centered on topic of configuring
> Linksys WRT54G routers, passing along a report of vulnerabilities
> found in various different hardware versions of the router,
> apparently discovered during the "Router Hacking Challenge".
Thank you!
> Unsure if this issue impacts only the non-Linux router versions.
>
> CVE:
> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1247
>
> Original advisory:
> http://kinqpinz.info/lib/wrt54g/own.txt
I tried changing the root password to my Tomato based WRT54GL.
It wouldn't do it without the root password. So assuming
I did the test right, Tomato doesn't seem to have this
vulnerability. However, I'm not at all sure my test was valid.
> Secunia posted on 03/21/08
> Solution is to install firmware updates for some hardware versions.
>
> Secunia Advisory regarding Linksys WRT54G
> http://secunia.com/advisories/29344/
--
Allen Brown
http://brown.armoredpenguin.com/~abrown
More information about the EUGLUG
mailing list