If you have one of these pieces of hardware, and you are worried about
the holes in it, why not just patch/replace the binaries yourself:
http://www.batbox.org/wrt54g-linux.html
It took a while for Linksys to release their GPL-ed source, but they
finally gave in to the community (and copyright law). Now there is a
distro for it and the product has a good deal more utility.
tim
On Thu, Dec 04, 2003 at 01:41:54AM -0500, Jonathan A. Zdziarski wrote:
> In a lot of cases, this would only be exploitable internally, since many
> configurations are set up not to allow access to the unit externally.
> But in any case, there are a lot of other ways to DoS these little
> residential boxes. Running macof (part of the dsniff package) will
> effectively shut down all traffic on the network. I'm sure arpspoof
> without forwarding would do the same thing. I'm surprised these things
> don't support something as basic as SSL for authentication (at least the
> model I've got doesn't)
>
> On Wed, 2003-12-03 at 23:42, Michael Renzmann wrote:
> > Can anyone confirm if technically identical devices such as the Buffalo
> > WBR-G54 share this vulnerability?
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Thu Dec 04 03:02:28 2003
This archive was generated by hypermail 2.1.8 : Thu Dec 04 2003 - 04:01:01 CST
