RE: linksys WRT54g authentication bypass

["Ginsu Rabbit" <ginsurabbit () hotmail com>]

Miguel Valentin wrote:
> On my friends WRT54G router that I installed it always asks me for an ID 
> and
> password whenever I want to do anything even just checking the
> configuration. You must've been the unlucky one in a million who just
> happened to buy a "lemon".

You may want to reread the original advisory.  My router, just like your 
friend's, verifies for the user-id and password when I check the 
configuration.  The router does not verify the user-id and password when 
changing the configuration.

In order to test this, you'll need to hand-craft a web page or other tool to 
submit the change request to the router.

If you can verify one way or the other the behavior of your friend's router, 
please publish the router hardware and firmware version you tested.  You can 
read the hardware version off the bottom of your router.  The firmware 
version is visible when you log in to the router's web UI.

--
GR

_________________________________________________________________
Don’t just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/