Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: WRT54G directory trasversial vulnerability
From: Barrie Dempster <barrie () reboot-robot net>
Date: Fri, 14 Oct 2005 10:51:34 +0100

On Wed, 2005-10-12 at 16:36 -0400, Shell wrote:
I just found a vulnerability in Linksys WRT54G routers.

It loads the page after action returns the setup page returns that the file does not exist

Confirmed, however authentication is required. Still a vulnerability in
the system and worth patching though.

It's worth noting that there is alternative firmware available for this
device such as OpenWRT http://www.openwrt.org .

With Regards..
Barrie Dempster (zeedo) - Fortiter et Strenue

"He who hingeth aboot, geteth hee-haw" Victor - Still Game

blog:  http://reboot-robot.net
sites: http://www.bsrf.org.uk - http://www.security-forums.com
ca:    https://www.cacert.org/index.php?id=3

Attachment: smime.p7s

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]