mailing list archives
Re: CORE-20021005: Vulnerability Report For Linksys
From: AARG! Anonymous <remailer () aarg net>
Date: Wed, 11 Dec 2002 09:39:37 -0800
At 08:10 PM 12/10/02 -0300, CORE Advisories wrote:
Many Linksys' network appliances have a remote administration and
configuration interface via HTTP, either from the local network,
or, if it's enabled, from any host across the internet.
I just want to make sure I've got this right:
It comes with secure defaults.
But if I decide to open it up, it's not secure any more.
Gee, I wonder what other products could be configured into an insecure state and boilerplated into an advisory?
And would iDefense pay me for them?
Full-Disclosure - We believe in it.
- Re: CORE-20021005: Vulnerability Report For Linksys AARG! Anonymous (Dec 11)