Netgear's WG602 Fix?

Simply change the superuser account info

by Karl Bode Tuesday 08-Jun-2004 tags: hardware · security

Netgear has released updated firmware that addresses the Superuser account hidden in the company's WG602 access point; illuminated recently by this Bugtraq posting. As Slashdot users point out however, the company really didn't address the core of the problem, instead simply changing the username and password of the hidden account in question. Of course, now that this German Security website has posted the new account information, perhaps Netgear will be forced to issue a real fix.

Forums >

Netgear's WG602 Fix?

view: topics flat text

Kim Jong Mo Dollar Plz Premium join:2002-09-01 North Korea	Hahah Oh god, nice fix there idiots.
	permalink · 2004-06-08 13:00:14 · ·

Tomek Premium join:2002-01-30 Valley Stream, NY	Re: Hahah said by Kim Jong: Oh god, nice fix there idiots. So Dlink isn't the worst then? -- Resistance is Futile
	permalink · 2004-06-08 13:36:50 · ·

Kim Jong Mo Dollar Plz Premium join:2002-09-01 North Korea	Re: Hahah said by Tomek: said by Kim Jong: Oh god, nice fix there idiots. So Dlink isn't the worst then? Everyone makes mistakes. Price and hardware wise Netgear > DLink big time!
	permalink · 2004-06-08 13:39:33 · ·

Theo2002 join:2002-02-28 Clermont, FL	Doh! As I pointed out in the original thread, that's the kind of action that each individual should do (change the user/pass to their own choice). However, the files are not directly editable as some decoding has to occur.
	permalink · 2004-06-08 13:04:42 · ·

Anonymous Premium join:2004-06-01 IA kudos:1	LOL User superman Password 21241036 I'm glad I don't use their stuff
	permalink · 2004-06-08 13:07:38 · ·

Dirk Daring join:2000-08-03 Ashburn, VA	Can't you just see the oursourcing wheels churn? VPs yelling down the chain, the word goes from here to there all the way down the grape vine to India where some Indian tech making $2.00 an hour just changes the username and password and declairs it fixed.
	permalink · 2004-06-08 13:10:01 · ·

inteller Sociopaths always win. join:2003-12-08 Tulsa, OK	Re: Can't you just see the oursourcing wheels churn? thats the f-ing truth. meanwhile qualified US workers sit on their butt unemployed....THEY WILL ALL SOON LEARN!
	permalink · 2004-06-08 13:35:21 · ·

joebear29 join:2003-07-20 Alabaster, AL	Re: Can't you just see the oursourcing wheels churn? WHO WILL LEARN WHAT?
	permalink · 2004-06-08 14:18:18 · ·

inteller Sociopaths always win. join:2003-12-08 Tulsa, OK	Re: Can't you just see the oursourcing wheels churn? That outsourcing doesn't pay.
	permalink · 2004-06-08 15:13:41 · ·

joebear29 join:2003-07-20 Alabaster, AL	Is Netgear outsourcing tech support?
	permalink · 2004-06-08 15:23:21 · ·

cbs228
Geeks Of The World, Unite

join:2000-09-04
Saint Louis, MO

Re: Can't you just see the oursourcing wheels chur

said by joebear29:
Is Netgear outsourcing tech support?

Yes, they have been for some time. I know this because I had to call them after my FM114P died an unexpected death and had to be replaced. The hold times were positively horrid, >1 hour. My advice to you is, if you don't know what you are doing then don't count on Netgear to be much help.
--
"If you stare too long into the abyss the abyss stares back at you." -Nietzsche

GENERAL FAILURE READING ©: DRIVE
(A)bort, (R)etry, (F)rivolous Lawsuits, (B)ribe Congress?

permalink · 2004-06-08 15:33:35 · Print ·

Philmatic Premium join:2000-07-15 Elk Grove, CA	Fix just posted by Netgear Version 1.7.15 Fixed illegal user access the WEB configuration utility. Version 1.7.14 Fixed: Lost connections during heavy traffic Improved system reliability under heavy traffic Fixed illegal user access the WEB configuration utility. »kbserver.netgear.com/support_det···ldID=741 Not bad netgear, not bad at all
	permalink · 2004-06-08 13:11:05 · Print · ·

B
Premium,MVM
join:2000-10-28

Re: Fix just posted by Netgear

Your dupe post; my dupe reply:

said by B:

said by Philmatic:
Version 1.7.15
Fixed illegal user access the WEB configuration utility.

Version 1.7.14
Fixed: Lost connections during heavy traffic
Improved system reliability under heavy traffic
Fixed illegal user access the WEB configuration utility.

Not bad netgear, not bad at all

»kbserver.netgear.com/support_det···ldID=741

That's funny -- I view it as sort of pathetic. He's got it in bold and italics the SECOND time he "fixed" it.

quote:

Modifications and Bug Fixes

Version 1.7.15

* Fixed illegal user access the WEB configuration utility.

Version 1.7.14

* Fixed: Lost connections during heavy traffic
* Improved system reliability under heavy traffic
* Fixed illegal user access the WEB configuration utility.

Known Problems and Limitations

* WPA is not supported.
* Wireless Bridging and repeating functions are not supported
[Second boldface mine.]

And what's with the no WPA? Who would buy this router?

-- B

--
In a realm outside causality and function

permalink · 2004-06-08 13:59:24 · Print ·

Philmatic Premium join:2000-07-15 Elk Grove, CA	Re: Fix just posted by Netgear my dupe ignore
	permalink · 2004-06-08 14:33:47 · ·

pnh102 Reptiles Are Cuddly And Pretty Premium join:2002-05-02 Mount Airy, MD	said by B: And what's with the no WPA? Who would buy this router? Only a dupe -- Win another one for the Gipper! Bush/Cheney 2004
	permalink · 2004-06-08 22:23:29 · ·

B Premium,MVM join:2000-10-28	DSLR Security Thread I think I beat you by a minute or two this time, Karl! »NetGear's Improved Backdoor -- B -- In a realm outside causality and function
	permalink · 2004-06-08 13:11:30 · ·

Rhobite Premium join:2002-02-24 Waltham, MA	Re: DSLR Security Thread Well you both got it from Slashdot, so don't feel too proud
	permalink · 2004-06-08 13:26:50 · ·