possible exploit: D-Link DI-804 unauthorized DHCP release from WAN

From: Jens Jensen (jpj@netcom-usa.com)
Date: Thu Aug 22 2002 - 00:06:48 PDT

    Problem: malicious user can release DHCP client on D-Link DI-804 router 
    interrupting network communications
    
    I need some other D-Link DI-804 users (as well as other D-Link routers) to
    see if they can reproduce this problem:
    With "remote administration" mode enabled to any IP (web interface wide
    open on WAN side), it seems that a malicious user can activate DHCP
    release/renew without first being authenticated as the admin (privileged
    user).
    
    The webpage that I can get to on the D-Link built-in web interface is
    http://xxx.xxx.xxx.xxx/release.htm
    where xxx.xxx.xxx.xxx is the IP address of your router, specifically for
    these purposes, the WAN IP address.
    
    firmware: 4.68
    device: DI-804
    
    This would be a BAD thing, since an attacker could interrupt communications
    on the router.
    This can be temporarily fixed by either disabling "remote administration" 
    or limiting the IP addresses allowed to remote admin.
    I have submitted this to D-Link support.
    I'm also wondering what other D-Link routers this could affect.
    
    Jens Jensen
    MCP, CCNA
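
The class of bug reported above, as an added example that is not part of the original post and is not D-Link firmware code: a state-changing page left outside the authentication check, next to a deny-by-default dispatcher that also applies the two workarounds from the post. The post does not say how the firmware decides which pages need a login, so the per-page list, every function name, and every page name other than release.htm are assumptions; the IP addresses are constructed documentation ranges.

```python
import ipaddress

# Hypothetical model of a router's admin web server (assumption, not firmware code).
PUBLIC_PAGES = {"/login.htm"}  # the only page served before login


def wan_allowed(src_ip, remote_admin, allowed_nets):
    """Workarounds from the post: remote admin disabled, or limited to listed networks."""
    if not remote_admin:
        return False
    addr = ipaddress.ip_address(src_ip)
    return any(addr in ipaddress.ip_network(net) for net in allowed_nets)


def vulnerable_dispatch(path, authenticated):
    """Opt-in protection: a page missing from the list is served to anyone."""
    protected = {"/status.htm", "/admin.htm"}  # release.htm was never listed
    if path in protected and not authenticated:
        return 401
    return 200


def hardened_dispatch(path, authenticated, src_ip, from_wan,
                      remote_admin=False, allowed_nets=()):
    """Deny by default: filter the WAN source first, then require login
    for every page that is not explicitly public."""
    if from_wan and not wan_allowed(src_ip, remote_admin, allowed_nets):
        return 403
    if path not in PUBLIC_PAGES and not authenticated:
        return 401
    return 200


if __name__ == "__main__":
    # Constructed requests: unauthenticated client on the WAN side.
    print(vulnerable_dispatch("/release.htm", False))            # served
    print(hardened_dispatch("/release.htm", False, "203.0.113.9",
                            True, True, ["0.0.0.0/0"]))          # login required
    print(hardened_dispatch("/release.htm", True, "203.0.113.9",
                            True, True, ["198.51.100.0/24"]))    # source not allowed
```
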
    


