Results 1 to 7 of 7

Thread: Linksys Vulnerabilities

  1. #1
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867

    Linksys Vulnerabilities

    For all our Linksys users out there, this was posted on Bugtraq today.

    Multiple vulnerabilities have been identified in Linksys WRT54G routers. These issue all require that an attacker have access to either the wireless, or internal LAN network segments of the affected device. Exploitation from the WAN interface is only possible if the affected device has remote management enabled.

    This issue allows attackers to:
    - Download and replace the configuration of affected routers.
    - Execute arbitrary machine code in the context of the affected device.
    - Utilize HTTP POST requests to upload router configuration and firmware files without proper authentication
    - Degrade the performance of affected devices and cause the Web server to become unresponsive, potentially denying service to legitimate users.
    Source

    Cheers:
    DjM

  2. #2
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    I believe the latest firmware (4.20.7, August 25th) addresses all issues mentioned.

    And couldn't you just have turned of the httpd to work around the problem? It's on by default, but can easily be turned off (I always turn off mine as soon as it has been configged).

  3. #3
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by Negative
    I believe the latest firmware (4.20.7, August 25th) addresses all issues mentioned.

    And couldn't you just have turned of the httpd to work around the problem? It's on by default, but can easily be turned off (I always turn off mine as soon as it has been configged).
    Never used a linksys Neg, I am a D-link & Cisco kind of guy.

    I just saw it posted today so I thought I'd give the users a heads-up here.

    Cheers:
    DjM

  4. #4
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Never used a linksys Neg, I am a D-link & Cisco kind of guy
    Well... now Linksys IS Cisco...
    http://news.com.com/Cisco+heads+home..._3-993457.html

    How have you made out with D-link!? Every single one that I've used has had serious stability issues. The damn things just reset themselves for no apparent reason or just stop working all together. (I've done the whole firmware upgrade and call support thing.)
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  5. #5
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    phishphreek80

    I have found that with DLINKs also...

    What I have done recently is lower the MTU setting to 1380....stops all the disconnects and makes them more stable...

    Have 2 sites where the routers continually needed to be reset....since then (2-3 weeks ago)...havent had the old whine

    " I cant connect to the internet" calls

    I used to get them every week minimum.....requiring the modem and router to be reset.


    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  6. #6
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by phishphreek80
    Well... now Linksys IS Cisco...
    http://news.com.com/Cisco+heads+home..._3-993457.html

    How have you made out with D-link!? Every single one that I've used has had serious stability issues. The damn things just reset themselves for no apparent reason or just stop working all together. (I've done the whole firmware upgrade and call support thing.)
    Well the Cisco's are old, stable but old. (just used in my lab). The d-link has been fine so far but it's only about 3 weeks old now. (thank you to you and morgan for giving me the warm & fuzzies about the d-link )

    Cheers:
    DjM

  7. #7
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    To be honest... I've had the best luck with linksys routers out of all the home grade routers. Read: low dollar routers. The wrt54g has been very very stable, but I use hacked firmware (sveasoft). I do have some problems with them (as with all low dollar routers) when it comes to downloading a TON of stuff off of p2p or torrents and such. Just maxes out the resources. Setup QoS and you're good to go.

    They can't compete with my Cisco 806 or Cisco 831... but very nice for the cost.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •