Bugtraq: Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)

From: dan.crowley () gmail com
Date: 11 Dec 2008 19:42:58 -0000

Apologies, I understand where the flaw lies now. I thought you meant the XRSF was triggered from within the DD-WRT 
interface.

I don't know how much of an impact this will really have though, I suppose it would depend on how long login sessions 
last on DD-WRT and how often the user logs into their router.

Still, good find!

By Date By Thread

Current thread:

Re: Multiple XSRF in DD-WRT (Remote Root Command Execution), (continued)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) pUm (Dec 11)
  - Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) Sebastian Gottschall (DD-WRT) (Dec 11)
  - Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) Sebastian Gottschall (DD-WRT) (Dec 11)
    - Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) David E. Thiel (Dec 11)
- Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) dan . crowley (Dec 11)
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) dan . crowley (Dec 11)
- Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution) 0xjbrown41 (Dec 15)