[Olug-list] En god grunn til å installere OpenWrt....?
terje@consider.no
terje at consider.no
Mon, 3 Oct 2005 11:22:09 +0200 (CEST)
I en av sikkerhets-mailinglistene jeg abbonerer på fant jeg følgende:
'Serious' security holes in Linksys router
Security holes in the Linksys WRT54G include a design error that unauthenticated users can exploit to modify router configuration.
Artikkel på:
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1124=
857,00.html
Det er fem problemer, problemer som gir en hacker mulighet til å kjøre kommandoer, endre passord og til og med installere ny firmware!
Sitat:
The fourth problem is a design error in the router's "upgrade.cgi" component when the "POST" method is used. The httpd running on the internal interfaces, including, by default, the wireless interface, does not check if authentication has failed until after data supplied by an external user has been processed. The upgrade.cgi handler allows a user to upload new firmware, which contains the operating system and applications, into the non-volatile memory of the router, the advisory said.
"Successful exploitation? would allow an unauthenticated user? to completely compromise the affected router, by installation of an arbitrary firmware," iDefense said. "As the source code and tools for compiling the firmware are available from the vendor, an attacker could simply rebuild the firmware and add the extra functionality."
Sikkerhetsproblemet er tatt hånd om i firmware version 4.20.7 som kan lastes ned fra Linksys-sidene.