|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA20896] Siemens Speedstream 2624 Password Protection Bypass
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Fri Jun 30 2006 - 07:32:05 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
----------------------------------------------------------------------
Reverse Engineer Wanted
Secunia offers a Security Specialist position with emphasis on
reverse engineering of software and exploit code, auditing of
source code, and analysis of vulnerability reports.
http://secunia.com/secunia_security_specialist/
----------------------------------------------------------------------
TITLE:
Siemens Speedstream 2624 Password Protection Bypass
SECUNIA ADVISORY ID:
SA20896
VERIFY ADVISORY:
http://secunia.com/advisories/20896/
CRITICAL:
Less critical
IMPACT:
Security Bypass, Exposure of sensitive information
WHERE:
From local network
OPERATING SYSTEM:
Siemens Speedstream 2624
http://secunia.com/product/10741/
DESCRIPTION:
Jaime Blasco has reported a vulnerability in Siemens Speedstream
2624, which can be exploited by malicious people to bypass certain
security restrictions.
The vulnerability is caused due to an unspecified error in the
password protection. This can be exploited to bypass the password
protection and access protected files via UPnP (Universal Plug and
Play).
SOLUTION:
Restrict access to affected devices.
PROVIDED AND/OR DISCOVERED BY:
Jaime Blasco
ORIGINAL ADVISORY:
Digital Armaments:
http://www.digitalarmaments.com/2006290674551938.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]