LOL, forget The Dude - need something like this: http://ftmdaily.com/global-issues/terrorism/mind-blowing-app-reveals-global-cyberwar-in-real-time/
On Tue, Dec 23, 2014 at 12:08 PM, Justin Miller <[email protected]> wrote: > > What does Misfortune Cookie have to do with TR-069? > > We began this research by surveying client-side implementations of TR-069 > <http://en.wikipedia.org/wiki/TR-069> (CWMP), after noticing the extreme > prevalence <https://zmap.io/paper.pdf%22> of endpoints listening on the > default CWMP Connection-Request port (7547), second only to HTTP (port 80) > listening endpoints. Misfortune Cookie was uncovered during the examination > of RomPager - the most popular recognized service on this port. > Is this a problem with the TR-069 protocol specification? > > While the proliferation of devices managed by TR-069 is responsible for > creating a very large vulnerable client population, Misfortune Cookie is > not a vulnerability related to the TR-069/CWMP per se. Misfortune Cookie > affects any implementation of a service using the old version of RomPager's > HTTP parsing code, on port 80, 8080, 443, 7547, and others. > http://mis.fortunecook.ie/ > > > > *Justin Miller* > > VA SkyWire, LLC > 1707 E Main St > Richmond, VA 23223 > Office: (804) 521-4212 > Desk: (804) 591-0500 ext 101 > Fax: (804) 591-1559 > [email protected] > > On Dec 23, 2014, at 12:00 PM, Brough Turner <[email protected]> wrote: > > No it's an issue with the RomPager embedded web server software from > Allegro Software. > See: > > http://www.prweb.com/releases/misfortunecookie/allegrosoft/prweb12409335.htm > > https://www.allegrosoft.com/allegro-software-urges-manufacturers-to-maintain-firmware-for-highest-level-of-embedded-device-security/news-press.html > > MikroTik does not use this software but some models by ASUS, D-Link, > Edimax, Huawei, TP-Link, ZTE, and ZyXEL do. > > Thanks, > Brough > > Brough Turner > netBlazr Inc. - Free your Broadband! > Mobile: 617-285-0433 Skype: brough > netBlazr Inc. <http://www.netblazr.com/> | Google+ > <https://plus.google.com/102447512447094746687/posts?hl=en> | Twitter > <https://twitter.com/#%21/brough> | LinkedIn > <http://www.linkedin.com/in/broughturner> | Facebook > <http://www.facebook.com/brough.turner> | Blog > <http://blogs.broughturner.com/> | Personal website > <http://broughturner.com/> > > > On Tue, Dec 23, 2014 at 11:54 AM, Justin Miller <[email protected]> > wrote: >> >> No it's an issue with TR-069 which is not part of RouterOS. >> >> >> *Justin Miller* >> >> VA SkyWire, LLC >> 1707 E Main St >> Richmond, VA 23223 >> Office: (804) 521-4212 >> Desk: (804) 591-0500 ext 101 >> Fax: (804) 591-1559 >> [email protected] >> >> On Dec 23, 2014, at 11:25 AM, Joey Craig <[email protected]> wrote: >> >> Misfortune Cookie vulnerability affects 12 million routers | CSO Online >> >> >> http://www.csoonline.com/article/2862378/malware-cybercrime/misfortune-cookie-vulnerability-affects-12-million-routers.html >> _______________________________________________ >> Mikrotik-users mailing list >> [email protected] >> http://lists.wispa.org/mailman/listinfo/mikrotik-users >> >> >> >> _______________________________________________ >> Mikrotik-users mailing list >> [email protected] >> http://lists.wispa.org/mailman/listinfo/mikrotik-users >> >> _______________________________________________ > Mikrotik-users mailing list > [email protected] > http://lists.wispa.org/mailman/listinfo/mikrotik-users > > > > _______________________________________________ > Mikrotik-users mailing list > [email protected] > http://lists.wispa.org/mailman/listinfo/mikrotik-users > > -- -RickG KyWiFi
_______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
