Re: Remotely Exploitable Vulnerability In All D-Link Gateways

Author	All Replies
funchords Hello Premium,MVM join:2001-03-11 Washington, DC ·Verizon Online DSL ·Skype	reply to Hofbrau Re: Remotely Exploitable Vulnerability In All D-Link Gateways I could not reproduce this on my DI-624 using the steps in »www.intruders.com.br/adv0206en.html ... The alledged output file format is also very usual for that type of router. Can anyone?
	to forum · permalink · · 2006-06-22 00:46:20 ·
Hofbrau @rr.com	"I could not reproduce this on my DI-624 using the steps in »www.intruders.com.br/adv0206en.html ... The alledged output file format is also very usual for that type of router. Can anyone?" I sure hope no one can, since the vulnerability listed there was pretty specific to the DWL-2100 AP. I know I cant. Perhaps because they are two different vulnerabilities, with two different advisories? Reading works - really. Perhaps more time should be spent honing up the reading skills rather than apologism and minimization skills, but, that would probably only result in more time spent ambiguously and ignorantly (and amusingly) naysaying the "NAT Traversal" aspect of the UPnP IGD 1.0 specification under the general idea of "UPnP is insecure". Cogitate, Hofbrau
Hofbrau @rr.com	to forum · permalink · 2006-06-22 02:48:02 ·
latinuser_uy join:2004-07-15 UY 1 edit	HI, I tested the dwl-2100ap vulnerability, from an unauthenticated browser, tried the url »ip-of-my-dwl2100ap/cgi-bin/config.cfg I got a config file for download. It contained the wireless key in plain text format, plus the "admin" key in plain text, among other configuration stuff. Then I tried »ip-of-my-dwl2100ap/cgi-bin/nada.cfg and toto.cfg : same results. HW DWL-2100AP FW 2.00 I'm using the DWL-2100ap in AP mode, WPA-PSK. From the PC I was running the browser from, I had another browser which had an expired session (up from yesterday night) to the DWL-2100ap (the 2100ap would ask me for user/password as soon as I click on any option). I'll try again doing this first thing after rebooting my computer. I guess that's going to be after I come back from the office. There seems to be a 2.2 fw for the dwl2100ap from some non-us site, has anyone tried that one? Regards.
latinuser_uy join:2004-07-15 UY 1 edit	to forum · permalink · · 2006-06-22 07:38:36 ·


Saturday, 05-Dec 05:41:41	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. republican-creole page compression OFF