Slashdot Mirror

← Back to Stories (view on slashdot.org)

Vulnerability In Linksys Cable/DSL Router

Posted by CowboyNeal on from the bugs-sploits-and-buffer-overruns dept.

ispcay writes "Yahoo has published an article on a Linksys vulnerability. An easily exploitable software vulnerability in a common home networking router by Linksys Group could expose thousands of home users to denial of service attacks, according to a security advisory issued by iDefense, a software security company." The article's kinda sparse on details, but does mention that the vulnerability is fixed in the latest firmware release. Upgrade 'em if ya got 'em!

2 of 254 comments (clear)

  1. Re:Upgrade Firmware by eean · · Score: 3, Interesting

    Not really, considering that the .01% who know what they are doing don't have remote management turned on. Then there are the large majority of home users who went through the quick step guide and never accessed their router again, so have the default setting (remote management off). Those at risk are those who know enough to be dangerous.

    I suppose there are a few people who have an actual reason to use remote management. These people need to update.

    I'm not going to update my router - its functional, and secure. Since all your settings are erased on update, it would take more work then is worth it.

  2. Router is not the only problem by rworne · · Score: 3, Interesting
    A security exploit has also been found in their (and other vendor's) Wireless Access Points.

    Sending a certain string over a certain UDP port will cause the AP to return the WEP key, mac filter settings, and admin password over the WLAN and LAN side.

    Exploit can be found here

    Makes me glad to have bought an Apple Airport for a change.

    --
    I tried every decent and legal way I could think of to resolve the issue w/the business before I rented the chicken suit