Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: CORE-20021005: Vulnerability Report For Linksys
From: AARG! Anonymous <remailer () aarg net>
Date: Wed, 11 Dec 2002 09:39:37 -0800

At 08:10 PM 12/10/02 -0300, CORE Advisories wrote:
Many Linksys' network appliances have a remote administration and
configuration interface via HTTP, either from the local network,
or, if it's enabled, from any host across the internet.

I just want to make sure I've got this right:

It comes with secure defaults.

But if I decide to open it up, it's not secure any more.

Gee, I wonder what other products could be configured into an insecure state and boilerplated into an advisory?

And would iDefense pay me for them?

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]