mailing list archives
Re: Port scanning /0 using insecure embedded devices
From: Valdis.Kletnieks () vt edu
Date: Thu, 21 Mar 2013 21:08:27 -0400
On Tue, 19 Mar 2013 17:25:18 -0400, Jeffrey Walton said:
Many of them are based on Linux and allow
login to standard BusyBox with empty or
Forgive my ignorance, but what does the authentication problem (or
lack thereof) have to do with linux/uclibc/busybox? It seems to be a
manufacturer problem (for example, Actiontec) or an integrator
problem (such as Verizon or Comacast), unless I am missing something.
For the integrator, it's a warning flag: "53 companies have made this same
identical mistake, don't be the 54th".
For the black hats, it's low-hanging fruit.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/