Slashdot Mirror

← Back to Stories (view on slashdot.org)

NetGear Also Has Remote Access Wide Open

Posted by CowboyNeal on from the hotspot-back-doors dept.

Glenn Fleishman writes "On the heels of Linksys's WRT54G problem of not allowing remote access to be disabled in certain cases and firmware, BugTraq published this report that NetGear's WG602 access point has a hidden password that provides remote and local administrative control. Unlike Linksys's, where turning the firewall on (which is on by default, but a researcher found new units in which it was off when taken out of the box), the NetGear hole cannot be disabled. The backdoor seems to have been created by the vendor that packaged the device for NetGear."

14 of 215 comments (clear)

  1. Don't you mean.. by Sadiq · · Score: 5, Funny

    "The backdoor seems to have been created by the vendor that used to package devices for NetGear"

    --
    SysWear - Geek T-shirts (UK/Europe)
    1. Re:Don't you mean.. by Anonymous Coward · · Score: 0, Funny

      Yeah, really. What kind of morons would put something like this in a security product? I guess this is what happens when you contract programming out to the lowest-priced bidder--you'll end up with idiot programmers in third-world countries with no common sense and who are so brain-dead they have to hard-code a password into the product because they can't remember the one they are testing it with.

      You get what you pay for.

      Unbelievable. Seriously f'in unbelievable.

  2. Re:One wonders what the internal policies are ... by Trigun · · Score: 5, Funny

    There's a backdoor in the software auditing software. The programmer is safe.

  3. taiwan, eh? by abscondment · · Score: 5, Funny

    A search on Google revealed that "5777364" is actually the phonenumber of z-com Taiwan which develops and offers WLAN equipment for its OEM customers.

    This number, surprisingly enough, is also the total amount of wooden furniture shipped from Malaysia to Bahrain in 1998. Conpsiracy! Conspiracy!

    1. Re:taiwan, eh? by AbbyNormal · · Score: 2, Funny

      Also my luggage combination....MUha ha ha ha ha.

      Oh, nevermind.

      --
      Sig it.
  4. No, please, don't... by Anonymous Coward · · Score: 0, Funny

    Please, trolls, pretty please...
    Don't show us just HOW wide open the hole is.

  5. Re:No backdoors with BSD! by Trigun · · Score: 5, Funny

    best line i could think of was "why do you come back and try my new kernal on...

    You should try my pick-up line: Excuse me miss, but does this rag smell like chloroform?

    Works every time.

  6. Awesome! by SuperBanana · · Score: 5, Funny
    Fixed in new firmware, available here:

    Super! Now I just have to downlo
    [CONNECTION DROPPED, REMOTE SIDE 0WN3D]

    --
    Please help metamoderate.
  7. Too easy by SuperBanana · · Score: 3, Funny

    All your basestation are belong to us?

    Man, takes all the fun out of these jokes when it's so easy.

    --
    Please help metamoderate.
  8. Re:Possibilities. by Anonymous Coward · · Score: 1, Funny

    I had a motherboard with AMI bios that had a backdoor password... Three letters, guess what? :)

  9. Re:Fixed in new firmware, available here: by I+confirm+I'm+not+a · · Score: 4, Funny

    Thanks, just downloaded and upgraded.

    (Off topic: was anyone else disappointed that the "super" login didn't make the web control panel reveal easter eggs? I mean, you just had to try it while you were upgrading, right?)

    --
    This is where the serious fun begins.
  10. Provides convenient excuse for content access by noidentity · · Score: 3, Funny

    Come on! These backdoors provide a convenient excuse when you're charged with breaking the law by accessing illegal content over your connection. If the vendor told you of their presence, you wouldn't be able to use them as a defense. Er wait, if you didn't know of them... hmmm...

  11. Re:Fixed in new firmware, available here: by platypussrex · · Score: 2, Funny

    Fixed illegal user access the WEB configuration utility.

    Now if they only had a grammar checker!

  12. Re:Fixed in new firmware, available here: by Paradise+Pete · · Score: 2, Funny
    Helps if the URL doesnt have a space in it. Hmm.. slashdot seems to be mangling it.

    How To Make a Clickable URL
    1. Type <a href = "">
    2. Insert the URL between the quotation marks.
    3. To the right of the closing angle bracket, type the text you'd like the link to say.
    4. Finish with </a>

    Done.

    P.S. No ...Profit!!! jokes, please.