Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsJob BoardISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Equipment Support » Hardware By Brand » 2Wire » 2Wire Cross Site Request Forgery Vulnerability
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Read the FAQs! ·Need Help? ·2W Home Page ·2W Support Page
at&t »
« 2700hg-b trouble configuring to talktalk  
AuthorAll Replies

sasparilla

join:2008-04-09
Round Lake, IL

reply to jandar
Re: 2Wire Cross Site Request Forgery Vulnerability

said by jandar See Profile :

2Wire 2701HG-B
Software: 5.29.109.11
With a system password set, none of those exploits work. It always prompts me to enter my current pass. Simple enough fix.
This sounds nice but 2Wire/AT&T must be rolling it out slowly - its apparantly only available to some people so far.

If I go to "View Available System Upgrades" on my AT&T/2Wire 2701HG-B, which has never been updated since it came from AT&T, it shows none available....Software version is 5.29.109.5. :-(

So, while a fix is supposedly out there, its apparantly not out there for everyone yet.
to forum · permalink · · 2008-04-09 14:21:30 · Reply to this


left_out

@sbcglobal.net
said by sasparilla See Profile :

This sounds nice but 2Wire/AT&T must be rolling it out slowly - its apparantly only available to some people so far.
AT&T claims they've already rolled it out to the majority of its customers. »tech.slashdot.org/tech/08/04/08/···14.shtml

None of this helps us poor HomePortal 1xxx users, since we can't use 5.xx firmwares. No update for us, it seems. My 1701HG remains very hackable. »AT&T claims this is fixed???
to forum · permalink · 2008-04-09 15:51:22 · Reply to this

koolkid1563
Premium,MVM
join:2005-11-06
Powell, WY
clubs:
·Bresnan Online
·AT&T U-Verse

edit:
April 9th, @04:15PM
reply to sasparilla
Note that the fix may not be in the form of a firmware upgrade. AT&T first fixed this issue on the 3800 series with a UI Hotfix that got applied. The firmware upgrade included the hotfix in it's code so the hotfix was no longer needed.

It might take awhile, but at least they are trying.
to forum · permalink · · 2008-04-09 16:15:06 · Reply to this
Forums » Equipment Support » Hardware By Brand » 2Wireat&t »
« 2700hg-b trouble configuring to talktalk  

Friday, 05-Dec 11:24:38 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 9 years online! © 1999-2008 dslreports.com.
page compression OFF
Most commented news this week
· [126] AT&T Metered Billing Trial Hits Second Market
· [102] AT&T Cutting 12,000 Jobs
· [97] UDP BitTorrent Will Destroy The Interwebs!
· [94] Exclusive Screens Of Comcast's New Bandwidth Meter
· [93] Scott Cleland: Google Using 21x The Bandwidth They Pay For
· [90] EFF Challenges Telecom Immunity
· [84] Firefox Extension Leads Amazon Customers To Pirated Alternatives
· [63] Apple: Who Believes Our Ads Anyway?
· [62] Comcast Tries To Slow Verizon's Philly Entry
· [62] Comcast To Offer Bandwidth Use Tracker In January
Most people now reading
· Security Cleanup - useless - according to Steve Gibson [Security]
· Always leave the Windows Firewall on? [Security]
· Adventures in Bell... a Teksavvy production... [TekSavvy]
· VZ Updates Channel Lineup Web Page [Verizon FIOS TV]
· why do people freak out on planning a wedding? [General Questions]
· Coalition Government Possible? [TekSavvy]
· [game] Crazy Game Fun Time!!! [Pub Games]
· Garage Door Track Pulled Off Wall? [Home Repair & Improvement]
· Use two modems in one residence? [Comcast HSI]
· Creating my own DSL splitter [TekSavvy]