Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Equipment Support » Hardware By Brand » D-Link » Remotely Exploitable Vulnerability In All D-Link Gateways
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Read This Before Posting! ·D-Link FAQ ·DLink Connection Monitor Utility 1.7.97
Help Configuring My Gigabit Network Adapter »
« How to change firewall settings?  
AuthorAll Replies

latinuser_uy

join:2004-07-15
UY

reply to Hofbrau
Re: Remotely Exploitable Vulnerability In All D-Link Gateways

I saw this one about the DWL-2100ap (havent tested it myself):

»www.intruders.com.br/adv0206en.html
»www.securitytracker.com/alerts/2···234.html

SecurityTracker Alert ID: 1016234
SecurityTracker URL: »securitytracker.com/id?1016234
CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)
Date: Jun 6 2006
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information
Fix Available: Yes Exploit Included: Yes Vendor Confirmed: Yes
Version(s): D-Link DWL-2100ap; firmware version 2.10na
Description: A vulnerability was reported in the D-Link DWL-2100ap wireless router. A remote user can obtain sensitive information from the target device.

A remote user can directly request files in the '/cgi-bin/' directory with a '.cfg' file extension to obtain the device configuration.

A demonstration exploit URL is provided:

»[target]/cgi-bin/Intruders.cfg

Wendel Guglielmetti Henrique and the Intruders Tiger Team Security discovered this vulnerability.

The original advisory is available at:

»www.intruders.com.br/adv0206en.html
Impact: A remote user can obtain the device configuration, including password information.
Solution: The vendor has reportedly issued a firmware patch, available at:

»www.dlink.com.br/internet/downlo···0343.tfp
Vendor URL: www.dlink.com/ (Links to External Site)
Cause: Access control error

Message History: None.
to forum · permalink · · 2006-06-20 13:03:01 · Reply to this
Forums » Equipment Support » Hardware By Brand » D-LinkHelp Configuring My Gigabit Network Adapter »
« How to change firewall settings?  

Wednesday, 09-Dec 17:19:37 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [197] Sprint Sued For Distracted Driving Death
· [96] AT&T Launching New 24 Mbps U-Verse Tier
· [81] 3G Network Test Says AT&T Is Tops
· [72] Mediacom Unveils 105 Mbps Pricing
· [66] Sprint Poised For A Turnaround?
· [61] WPA Cracker: Test WPA-PSK Networks In 20 Minutes
· [51] The Future Of Wi-Fi Is Bright
· [47] Site Leaks Yahoo, Verizon Fed Data Share Pricing
· [44] Microwaving Your Innards Is Not 'Extreme'
· [39] Verizon LTE: 5-12 Mbps Downstream
Most people now reading
· MicroSoft Discontinues Sale of Windows 7 Family Pack in US [Microsoft Help]
· Man Downloads Child Porn "Accidentally," Faces 20 Years [Security]
· Is sleeping similar to being dead? [General Questions]
· Adobe Flash Player version 10.0.42.34 [Security]
· Comcast refused to install 400' feet. [Comcast HSI]
· [ Classes] ATTN Death Knights - Post your spec for critique! [World of Warcraft]
· Cross Server Dungeon Experience [World of Warcraft]
· Buzzing whatchamacallit in ceiling...?? Help identify. [Home Repair & Improvement]
· HOA Headaches [General Questions]
· Heather's mouth taped shut!! [Spam, Scam and Phishbusters]