Full Disclosure mailing list archives

Re: Drive-by Pharming

From: "Brian Eaton" <eaton.lists () gmail com>
Date: Fri, 16 Feb 2007 10:49:47 -0500

On Thur, 16 Feb 2007 02:00:00 +0800, psirt () cisco com <psirt () cisco com> wrote:

As the paper does not disclose any new vulnerability in Cisco products,
Cisco is issuing this response and not a Security Advisory.  The purpose
of this response is to inform customers how to change any default
credentials which may ship pre-configured on an impacted Cisco router
(identified below), upon initial configuration and before the device is
connected to a public network.


The Drive-by Pharming paper also relied on exploiting CSRF
vulnerabilities in the router web administration interfaces.  Changing
the passwords does a lot to mitigate the risk, but the CSRF
vulnerabilities should be fixed.

Regards,
Brian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Drive-by Pharming Oliver Friedrichs (Feb 15)
- Re: Drive-by Pharming James Matthews (Feb 16)
  - Re: Drive-by Pharming Knud Erik Højgaard (Feb 16)
    - Re: Drive-by Pharming McCarty, Eric C. (Feb 16)
- <Possible follow-ups>
- Re: Drive-by Pharming psirt (Feb 16)
  - Re: Drive-by Pharming Brian Eaton (Feb 16)
  - Re: Drive-by Pharming Larry Seltzer (Feb 16)
    - Re: Drive-by Pharming Dario Ciccarone (dciccaro) (Feb 16)
    - Re: Drive-by Pharming Fabian (Lists) (Feb 16)
    - Re: Drive-by Pharming pagvac (Feb 17)
    - Re: [inbox] Re: Drive-by Pharming Exibar (Feb 18)