nanog mailing list archives
Re: Linksys WAG200G - Information disclosure (fwd)
From: Robert Boyle <robert () tellurian com>
Date: Tue, 20 Mar 2007 19:08:02 -0400
At 05:48 PM 3/20/2007, you wrote:
I wonder what their security process is for other types of routers?
Try psirt () cisco com http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html#Problems -Robert
---------- Forwarded message ---------- Date: 20 Mar 2007 20:31:01 -0000 From: dniggebrugge () hotmail com To: bugtraq () securityfocus com Subject: Linksys WAG200G - Information disclosure Hi there,About 2 months ago I bought a wireless ADSL modem/router, the Linksys WAG200G. Just did some basic security checks and to my utter surprise the device responded with about all sensitive information it knows:* Product model * Password webinterface * Username PPPoA * Password PPPoA * SSID * WPA PassphraseI notified Linksys, got some regular support questions and was then assured my concerns would be forwarded to the product engineers. Some weeks later I tried again, same message, silence since then.My firmware version is 1.01.01, latest available for this type. 'Technical' info: Sent a packet to UDP port 916. Answer contains mentioned information. (LAN interface and Wireless interface) Greetings, Daniƫl Niggebrugge
Tellurian Networks - Global Hosting Solutions Since 1995 http://www.tellurian.com | 888-TELLURIAN | 973-300-9211 "Well done is better than well said." - Benjamin Franklin
Current thread:
- Linksys WAG200G - Information disclosure (fwd) Gadi Evron (Mar 20)
- Re: Linksys WAG200G - Information disclosure (fwd) Robert Boyle (Mar 20)
- Re: Linksys WAG200G - Information disclosure (fwd) Mike Caudill (Mar 21)
- Re: Linksys WAG200G - Information disclosure (fwd) Gadi Evron (Mar 21)
- Re: Linksys WAG200G - Information disclosure (fwd) Peter Dambier (Mar 27)
- Re: Linksys WAG200G - Information disclosure (fwd) Mike Caudill (Mar 21)
- Re: Linksys WAG200G - Information disclosure (fwd) Robert Boyle (Mar 20)