Bugtraq mailing list archives
Re: Linksys WRT54 GL - Session riding (CSRF)
From: Valdis.Kletnieks () vt edu
Date: Tue, 15 Jan 2008 13:14:03 -0500
On Mon, 14 Jan 2008 12:58:17 CST, Jan Heisterkamp said:
> A malicious link executing unnoticed by the administrator may open the firewall. The catch is that this exploit doesn't work unnoticed, because the admin gets a notification in the browser that an error has occurred with the certificate ["Unable to verify the identity of Linksys as a trusted site"] and he has to explicitly allow it. In other words, first he has to allow himself to be attacked...
A very high percentage of Joe Sixpack "sysadmins" sitting at home surfing for Nascar and pr0n will go "Yeah, whatever" and click OK anyhow. A long time ago, I stopped thinking that "User must click OK to scary-looking message" was any sort of road bump for malware.