|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA14871] Linksys WET11 Password Change Security Bypass Vulnerability
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Thu Apr 07 2005 - 07:53:46 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
----------------------------------------------------------------------
Want a new IT Security job?
Vacant positions at Secunia:
http://secunia.com/secunia_vacancies/
----------------------------------------------------------------------
TITLE:
Linksys WET11 Password Change Security Bypass Vulnerability
SECUNIA ADVISORY ID:
SA14871
VERIFY ADVISORY:
http://secunia.com/advisories/14871/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass
WHERE:
From local network
OPERATING SYSTEM:
Linksys WET11
http://secunia.com/product/645/
DESCRIPTION:
Kristian Hermansen has reported a vulnerability in Linksys WET11,
which can be exploited by malicious people to bypass certain security
restrictions.
The vulnerability is caused due to an error where the device password
can be changed without providing the old password. This can be
exploited to set a blank password and gain access to the device.
Example:
http://[victim]/changepw.html?data=........................
NOTE: In version 1.5.4, successful exploitation requires that a user
has logged in recently.
The vulnerability has been reported in version 1.5.4. Other versions
may also be affected.
SOLUTION:
Restrict access to the administrative web interface.
PROVIDED AND/OR DISCOVERED BY:
Kristian Hermansen
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]