| Secunia Advisory: | SA29345 | |
| Release Date: | 2008-03-19 | |
| Critical: |  Less critical | |
| Impact: | Security Bypass DoS | |
| Where: | From local network | |
| Solution Status: | Unpatched | |
| OS: | Belkin Wireless G Router | |
| CVE reference: | CVE-2008-1242 (Secunia mirror) CVE-2008-1244 (Secunia mirror) CVE-2008-1245 (Secunia mirror) | |
:
Some security issues and a vulnerability have been reported in the Belkin Wireless G Router, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
1) An error in the implementation of authenticated sessions can be exploited to gain access to the router's control panel by establishing a session from a previously authenticated IP address.
2) An error exists within the enforcing of permissions in cgi-bin/setup_dns.exe. This can be exploited to perform restricted administrative actions by directly accessing the vulnerable script.
3) An error exists in the cgi-bin/setup_virtualserver.exe script when processing HTTP POST data. This can be exploited to deny further administrative access to an affected device via specially a crafted HTTP POST request with a "Connection: Keep-Alive" header.
The security issues and the vulnerability are reported in model F5D7230-4, firmware version 9.01.10. Other versions may also be affected.
Solution:
Restrict network access to the router's web interface.
Provided and/or discovered by:
loftgaia
Original Advisory:
http://www.gnucitizen.org/projects/router-hacking-challenge/
資料來源 http://secunia.com/advisories/29345/
留言列表
