Security contacts at Netgear and/or D-Link? (DoS, pos. default PWs and other issues)

[rembrandt <rembrandt () jpberlin de>]

Is somebody aware of security contacts at Netgear or D-Link?

Products of those vendors do suffer from possible DoS, propably default
hardcoded root accounts (D-Link) and other issues.


Timeline:

ZDI:
Case Opened     2009-01-18 04:24 GMT-6
Case Closed     2009-01-19 14:12 GMT-6
"We are not interested in vulnerabilities affecting D-Link at this
time."

Case Opened     2008-12-28 07:57 GMT-6
Case Closed     2009-01-15 17:01 GMT-6
"After some deliberation we have unfortunately decided that we won't be
accepting bugs affecting NetGear products."


Contacting mitre.org, asking for CVE and a contact at D-Link:
Mo, 2.02.2009, 13:01

Contacting mitre.org and NetGear asking for CVE and contact:
Mo, 2.02.2009, 12:55
pressrelations () netgear com (OSVDB entry in the contact field)
coley () linus mitre org (cc, found by googling)


No replies so far.
Maybe NetGear and D-Link could consider to work together with the OSVDB
to enter at least some valid contact data.

Somebody interested into Router issues (and no it's no xss...)?
The vendor itself seam to not to care about their customers or security...


Kind regards,
Rembrandt

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/