Re: Remotely Exploitable Vulnerability In All D-Link Gateways

Author	All Replies
DLinkSupprt3 join:2002-10-02 Fountain Valley, CA	reply to Hofbrau Re: Remotely Exploitable Vulnerability In All D-Link Gateways Although there has been no official notification, we have released firmware for a few of the affected router models that fixes this vulnerability. The models with firmware posted on our support site are the DI-604, DI-784, and EBR-2310. For the models that a fix has not yet been released, we are currently in the process of testing firmwares and will be releasing them as soon as they are ready. -- D-Link Building Networks for People
DLinkSupprt3 join:2002-10-02 Fountain Valley, CA	to forum · permalink · · 2006-06-20 20:31:06 ·
jbob Reach Out and Touch Someone Premium join:2004-04-26 Little Rock, AR ·Comcast ·AT&T Southwest	said by DLinkSupprt3 : Although there has been no official notification, we have released firmware for a few of the affected router models that fixes this vulnerability. The models with firmware posted on our support site are the DI-604, DI-784, and EBR-2310. For the models that a fix has not yet been released, we are currently in the process of testing firmwares and will be releasing them as soon as they are ready. I have a DI-784 but the current firmware on the site hasn't changed since v2.40, 3/22/2006. Surely this is not a release for the 784 that fixes the vulnerability. Unless the fixed firmware is at another location on the site...Beta??
	to forum · permalink · · 2006-06-20 23:34:13 ·
ozzy_0 join:2002-12-04 Kingston, ON	I am also at a loss in finding the patched firmware for the DI-784 anywhere on the Dlink site. Please advise where we can obtain it.
ozzy_0 join:2002-12-04 Kingston, ON	to forum · permalink · · 2006-06-22 01:49:43 ·
Hofbrau @rr.com	"I am also at a loss in finding the patched firmware for the DI-784 anywhere on the Dlink site. Please advise where we can obtain it." The D-Link tech may be implying that the 2.40 firmware dated as of 3/22/06 fixes the vulnerability. »support.dlink.com/products/view.···DI%2D784 It does in fact list as the first item "Fixed DOS issue". (They meant "DoS issue", though, if they took this seriously at all, they would have typed out "Denial-of-Service Security Issue" to be a little more clear. However, thats a minimization of the actual vulnerability which is in fact remotely exploitable and allows for complete system takeover, assuming its the same security issue at all that its referring to. Its not like they have provided any specific documentation or details about the problem/patch.) Surely, you didnt expect him to come right out and tell you which firmware version for which model/revision addresses the issue, did you? I mean, that would be like, useful support, like, and stuff. If they were like to do like that, you might like get the idea like that they like take this security stuff like seriously dude. Cogitate, Hofbrau
Hofbrau @rr.com	to forum · permalink · 2006-06-22 03:05:54 ·


Wednesday, 09-Dec 01:36:06	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF