Full Disclosure mailing list archives
Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability]
From: "Jonathan A. Zdziarski" <jonathan () nuclearelephant com>
Date: Thu, 04 Dec 2003 01:41:54 -0500
In a lot of cases, this would only be exploitable internally, since many configurations are set up not to allow access to the unit externally. But in any case, there are a lot of other ways to DoS these little residential boxes. Running macof (part of the dsniff package) will effectively shut down all traffic on the network. I'm sure arpspoof without forwarding would do the same thing. I'm surprised these things don't support something as basic as SSL for authentication (at least the model I've got doesn't) On Wed, 2003-12-03 at 23:42, Michael Renzmann wrote:
Can anyone confirm if technically identical devices such as the Buffalo WBR-G54 share this vulnerability?
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Michael Renzmann (Dec 03)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Jonathan A. Zdziarski (Dec 03)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Michael Renzmann (Dec 03)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Jonathan A. Zdziarski (Dec 03)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Tim (Dec 04)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Michael Renzmann (Dec 03)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] kang () insecure ws (Dec 04)
- Re: [Fwd: Bugtraq: Linksys WRT54G Denial of Service Vulnerability] Jonathan A. Zdziarski (Dec 03)