Hmm. I might be ok then. The only way to my admin console is to physically plug in to the router.<br><br>-- CHS<br><br><br><div class="gmail_quote">On Fri, Jul 24, 2009 at 12:53 PM, Michael H. Warfield <span dir="ltr"><<a href="mailto:mhw@wittsend.com">mhw@wittsend.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="im">On Fri, 2009-07-24 at 10:28 -0400, Charles Shapiro wrote:<br>
> Looks like your dd-wrt router is now vulnerable to root access over<br>
> the net. The flaw involves an invalid graphics file sent to the web<br>
> server. They've released a fix. Details are available on the dd-wrt<br>
> website<br>
> ( <a href="http://www.dd-wrt.com/dd-wrtv3/community/developmentnews/34-dd-wrt-httpd-vulnerability-milw0rmcom-report.html" target="_blank">http://www.dd-wrt.com/dd-wrtv3/community/developmentnews/34-dd-wrt-httpd-vulnerability-milw0rmcom-report.html</a> ).<br>
<br>
</div> It's much MUCH simpler than an invalid graphics file. It's a meta<br>
character escape in the URL. Doesn't require any file at all. Pretty<br>
much a trivial instant remote root. But you have to have access to the<br>
Administration http service, which is disabled by default from the WLAN<br>
(Wireless LAN) and Internet (WAN) ports and should only be accessible<br>
from the LAN (hardwired) ports. That just leaves it vulnerable to local<br>
attacks, reflection attacks, and CSRF attacks. Sigh...<br>
<div class="im"><br>
> I think coova is not affected, since it's based on openwrt<br>
> ( <a href="http://openwrt.org/" target="_blank">http://openwrt.org/</a> )?<br>
<br>
> -- CHS<br>
<br>
</div> Mike<br>
<font color="#888888">--<br>
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw@WittsEnd.com<br>
/\/\|=mhw=|\/\/ | (678) 463-0932 | <a href="http://www.wittsend.com/mhw/" target="_blank">http://www.wittsend.com/mhw/</a><br>
NIC whois: MHW9 | An optimist believes we live in the best of all<br>
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!<br>
<br>
</font><br>_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
<br></blockquote></div><br>
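Mike's point that a LAN-only admin service is still exposed to CSRF (a browser on the LAN can be made to submit requests to the router on someone else's behalf) is the kind of thing an embedded admin httpd has to defend against itself. The following is an added example, not code from dd-wrt, coova or anyone on this thread: a small origin and token check that a router's admin web interface could run before acting on a state-changing request. The trusted host list, the header names and the request dicts are constructed for illustration.

```python
"""Anti-CSRF check for a LAN-only admin web interface (illustrative, added example).

Assumption: the router serves its admin pages under the hosts in TRUSTED_HOSTS;
the request/headers/form structures below are constructed stand-ins for whatever
the real httpd hands its handlers.
"""
import hmac
import secrets
from urllib.parse import urlsplit

# Hosts under which the router serves its own admin UI (assumed values).
TRUSTED_HOSTS = {"192.168.1.1", "router.lan"}

# Only requests that change configuration need the check; reads are harmless.
STATE_CHANGING = {"POST", "PUT", "DELETE"}


def source_host(headers):
    """Return the host named by Origin (preferred) or Referer, or None if absent.

    A cross-site form post from another tab carries the attacker's site here,
    so a value outside TRUSTED_HOSTS is enough to refuse the request.
    """
    for name in ("Origin", "Referer"):
        value = headers.get(name)
        if value:
            host = urlsplit(value).hostname  # "null" or garbage -> None
            return host.lower() if host else None
    return None


def new_token():
    """Per-session anti-CSRF token, issued when the admin logs in."""
    return secrets.token_hex(16)


def csrf_verdict(method, headers, form, session_token):
    """Decide whether a request may perform an admin action.

    Returns (allowed, reason). Both the origin check and the token check must
    pass: the origin check catches plain cross-site posts, the token check
    covers clients that strip Origin/Referer or spoof a same-host Referer.
    """
    if method.upper() not in STATE_CHANGING:
        return True, "read-only request"

    host = source_host(headers)
    if host is None:
        return False, "no usable Origin/Referer on state-changing request"
    if host not in TRUSTED_HOSTS:
        return False, "cross-site origin %r" % host

    submitted = form.get("csrf_token", "")
    # Constant-time comparison so the token cannot be guessed byte by byte.
    if not hmac.compare_digest(submitted.encode(), session_token.encode()):
        return False, "missing or wrong anti-CSRF token"
    return True, "same-origin request with valid token"


if __name__ == "__main__":
    token = new_token()
    # Constructed requests: a legitimate admin save and a forged cross-site post.
    print(csrf_verdict("POST", {"Origin": "http://192.168.1.1"},
                       {"csrf_token": token}, token))
    print(csrf_verdict("POST", {"Origin": "http://attacker.example"},
                       {"csrf_token": token}, token))
```

This guards only the CSRF vector; the URL metacharacter bug itself still needs the vendor fix, and keeping the admin service off the WAN and WLAN interfaces, as Mike describes, remains the first line of defence.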