site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Security > Open-source firmware flaw exposes wireless routers - DD-WRT

Search Topic:
 Share Topic
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies


SirMeowmix_III

@windstream.net

reply to Stem Bolt

Re: Open-source firmware flaw exposes wireless routers - DD-WRT

The issue is in http.c, see the milw0rm exploit which explains the issue in detail:

»www.milw0rm.com/exploits/9209

To further clarify:

quote:
Unlike the already documented CSRF vulnerability ( »www.securityfocus.com/bid/32703 ) this DOES NOT need an authenticated session. This means someone can even post some crafted [img] link on a forum and a dd-wrt router owner visiting the forum will get owned
The IP address of the router would need to be known as well as the local IPv4 addressing scheme if using RFC1918.
to forum · permalink · 2009-07-22 14:13:17 ·
Forums > Broadband Tech > Security > Security

Saturday, 02-Jun 19:21:41 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics