Re: Accesspoints disclose wep keys, password and mac filter (fwd)

From: tentyat_private
Date: Fri Nov 08 2002 - 14:40:49 PST


    Quoting informatik.koerferat_private:
    
    >In-Reply-To: <20021106185730.15557.qmailat_private>
    >>>        Possibly vulnerable, not tested, OEM Version from GlobalSunTech:
    >>>                D-Link DWL-900AP+ B1 version 2.1 and 2.2
    <snip>
    >>The D-Link DWL-900AP+ B1 2.1 isn't affected.
    
    > I'm sorry, this device IS vulnerable, I believe ALL others are as well.
    > The source code posted is only a proof of concept, slight modifications
    > will deliver the correct result.
    > 
    <snip>
    
    Just a little FYI:
    I upgraded to the latest firmware located on the support.dlink.com site. It 
    seems as though this is vulnerable as well and returns:
    
    Type          : GL2422AP-00-0M0 T1.0 -042.3
    Announced Name: DWL-900AP+
    Admin Username: admin
    Admin Password: admin
    SSID          : default
    Wep Key       : 00 00 00 00 00 00 00 00 00 00 00 00 00
    
    (The Wep Key, Admin password, and SSID have been changed to protect the 
    innocent)
    
    Again, this is the latest firmware located on the dlink support site:
    Firmware Version 2.3, Tue, 29 Sep 2002
    Which was apparently released on the 4th November 2002, as per the information 
    on their site. The site clearly explains, though, that it is only an upgrade to 
    secure TFTP and nothing else.
    
    The information was extracted using the "Altered Test Prog" (and a bit of 
    tweaking) that /håkan supplied in previous posts. Correct me if I'm wrong, and 
    being quite new to the security scene, I imagine I would be, but wouldn't the 
    most logical step for firewalling be to update a ruleset so that it doesn't allow 
    network-wide broadcasts, if it can be helped that is?
    
    If anyone needs me to run some more tests, just let me know what to run.
    
    Cheers
    -TenTaCLE
    
    


