Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Gigafast/CompUSA router (model EE400-R) vulnerabilities
From: Gary H. Jones II (garypointblanksecurity.com)
Date: Sat Feb 19 2005 - 19:57:25 CST
This router is/was widely sold in CompUSA stores. It is a Gigafast router,
re-branded as a CompUSA router.
All firmware versions are affected.
When reported to the manufacturer on 5/13/04, I had received a response
stating that the information would be passed on to firmware developer.
Almost a year has passed and no fix is currently available.
The router has a login page; however, this may easily be bypassed. If one
was to make a request to http://ROUTER/backup.cfg, it would contain some of
the routers preferences, including the administrator password in plain-text.
Anyone may access this file on the LAN by default. If remote administration
is enabled, any individual on the internet would be able to download this
configuration file and see the administrator password.
If the DNS proxy option is turned on, it is possible to interrupt
connectivity by sending malformed DNS queries. Once the router receives the
malformed DNS queries, it will not work until a cold boot has been
performed. This bug can only be produced within the LAN.
Gary H. Jones II
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.1 (MingW32) - WinPT 0.7.96rc1
-----END PGP PUBLIC KEY BLOCK-----