Linksys WAG200G - Information disclosure (fwd)
I wonder what their security process is for other types of routers? -- Forwarded message -- Date: 20 Mar 2007 20:31:01 - From: [EMAIL PROTECTED] To: bugtraq@securityfocus.com Subject: Linksys WAG200G - Information disclosure Hi there, About 2 months ago I bought a wireless ADSL modem/router, the Linksys WAG200G. Just did some basic security checks and to my utter surprise the device responded with about all sensitive information it knows: * Product model * Password webinterface * Username PPPoA * Password PPPoA * SSID * WPA Passphrase I notified Linksys, got some regular support questions and was then assured my concerns would be forwarded to the product engineers. Some weeks later I tried again, same message, silence since then. My firmware version is 1.01.01, latest available for this type. 'Technical' info: Sent a packet to UDP port 916. Answer contains mentioned information. (LAN interface and Wireless interface) Greetings, Daniël Niggebrugge
Re: Linksys WAG200G - Information disclosure (fwd)
At 05:48 PM 3/20/2007, you wrote: I wonder what their security process is for other types of routers? Try [EMAIL PROTECTED] http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html#Problems -Robert -- Forwarded message -- Date: 20 Mar 2007 20:31:01 - From: [EMAIL PROTECTED] To: bugtraq@securityfocus.com Subject: Linksys WAG200G - Information disclosure Hi there, About 2 months ago I bought a wireless ADSL modem/router, the Linksys WAG200G. Just did some basic security checks and to my utter surprise the device responded with about all sensitive information it knows: * Product model * Password webinterface * Username PPPoA * Password PPPoA * SSID * WPA Passphrase I notified Linksys, got some regular support questions and was then assured my concerns would be forwarded to the product engineers. Some weeks later I tried again, same message, silence since then. My firmware version is 1.01.01, latest available for this type. 'Technical' info: Sent a packet to UDP port 916. Answer contains mentioned information. (LAN interface and Wireless interface) Greetings, Daniël Niggebrugge Tellurian Networks - Global Hosting Solutions Since 1995 http://www.tellurian.com | 888-TELLURIAN | 973-300-9211 Well done is better than well said. - Benjamin Franklin
Re: [funsec] Not so fast, broadband providers tell big users (fwd)
On 13 Mar 2007, at 20:31, Roland Dobbins wrote: On Mar 13, 2007, at 11:19 AM, Daniel Senie wrote: A universal service charge could be applied to all bills, with the funds going to subsidize rural areas. This is already done in the U.S., to no discernible effect. That isn't *quite* the opinion that ATT have ... ... http://gigaom.com/2007/02/07/atts-free-call-bill-2-million/ Although that is people using the rural kickback as a loophole to provide free telephony to people outside the area.. still shows that regulation always comes with an unexpected effect when times, technology and ideas advance. Cheers -a