Security Hole discovered in Linksys WRT54G

Alan Dayley alandd at consultpros.com
Fri Oct 6 08:24:30 MST 2006 

I have a WRT54GL running OpenWRT.  I spent a few minutes yesterday looking
around the OpenWRT site and saw no references at all about this exploit
issue.

The exploit report does not explicitly state it but the version number it
refers to is associated with the Linksys factory firmware.  So,
specifically for the reported case, it is not talking about third-party
firmware at all.

That's not to say that similar a vulnerability does not exist in the
third-party stuff, only that I see no report of one for OpenWRT.

Alan

On Thu, October 5, 2006 10:33 pm, David Bendit wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Any idea if this effects third-party firmwares (Sveasoft, dd-wrt,
> OpenWRT, etc.)?
>
> - -David
>
> Richard Wilson wrote:
>> All,
>>
>> Per the URL's below, there's a remote exploit available that will permit
>> outsiders to take control of your Linksys WRT54G router... Since this is
>> a popular router, I thought I should pass this along.  I read that
>> there's a beta version of firmware out that addresses the issues but
>> haven't found it yet.
>>
>> http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048495.html
>> http://www.kb.cert.org/vuls/id/930364
>>
>> Richard Wilson
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change  you mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.3 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFFJeqb/eN+mEehuEMRAkNEAJ9kUIs0iIHuenrImUEuj9aNDyREYACfWk19
> hpVEmm6ApOTcegifn+NOPXQ=
> =9AWR
> -----END PGP SIGNATURE-----
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change  you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>

More information about the PLUG-discuss mailing list