Re: Linksys Routers still Vulnerable to Wps vulnerability.

[andrewn <andrew () safeformat com>]

Use Tomato-USB OS on them. 

A. 

On Fri, 10 Feb 2012 07:40:03 +0000,
farthvader () hush ai wrote: Don't buy Linksys Routers they are vulnerable to
Wifi unProtected Setup Pin registrar Brute force attack.
No patch or
workaround exist at the making of this post.

Vulnerable list and alleged
patch
availability:
source:http://www6.nohold.net/Cisco2/ukp.aspx?vw=1&articleid=25154
[1]

 E1000 To Be Disclosed (aka we don't have idea)
 E1000 v2 To Be
Disclosed
 E1000 v2.1 To Be Disclosed
 E1200 v1 early March
 E1200 v2 early
March
 E1500 early March
 E1550 mid March
 E2000 To Be Disclosed
 E2100L
mid March
 E2500 early March
 E3000 To Be Disclosed 
 E3200 early March

E4200 v1 early March
 E4200 v2 To Be Disclosed
 M10 To Be Disclosed
 M20 To
Be Disclosed
 M20 v2 To Be Disclosed
 RE1000 early March
 WAG120N To Be
Disclosed
 WAG160N To Be Disclosed
 WAG160N v2 To Be Disclosed
 WAG310G To
Be Disclosed
 WAG320N To Be Disclosed
 WAG54G2 To Be Disclosed
 WAP610N To
Be Disclosed
 WRT110 To Be Disclosed
 WRT120N To Be Disclosed
 WRT160N v1
To Be Disclosed
 WRT160N v2 To Be Disclosed
 WRT160N v3 To Be Disclosed

WRT160NL To Be Disclosed
 WRT310N v1 To Be Disclosed
 WRT310N v2 To Be
Disclosed
 WRT320N To Be Disclosed
 WRT400N To Be Disclosed
 WRT54G2 v1 To
Be Disclosed
 WRT54G2 v1.3 To Be Disclosed
 WRT54G2 v1.5 To Be Disclosed

WRT54GS2 v1 To Be Disclosed
 WRT610N v1 To Be Disclosed
 WRT610N v2 To Be
Disclosed
 X2000 To Be Disclosed
 X2000 v2 To Be Disclosed
 X3000 To Be
Disclosed

The question is why a big company like Cisco/Linksys didn't
release a patch since almost 1 month and a half ?.

Well i have
circumstantial evidence that Cisco outsource some of their Linksys firmware
routers to other companies (Arcadyan for example.) in some cases source
code is only available through NDA's or not available at all. That's why
they are taking so long to release a fix to the WPS vulnerability. Fixing a
vulnerability like this with all the bureoucratic, QA and legal process
wouldn't take no more than 2 weeks. I found some GPL violations by the way
but this is beyond the scope of this message (obfuscating firmware it's
useless you now).

I apologize if i offended someone but IT security it's
serious business specially if someone use your wifi to commit crimes.
This
vulnerability contains public and very easy to use exploit code, it's not a
Denial of Service.

Farth Vader. 

 

Links:
------
[1]
http://www6.nohold.net/Cisco2/ukp.aspx?vw=1&articleid=25154

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/