Re: Linksys security contact

From: Jim Knoble (jmknobleat_private)
Date: Wed Nov 13 2002 - 15:27:30 PST

Next message: EnGarde Secure Linux: "[Full-Disclosure] [ESA-20021114-029] BIND buffer overflow, DoS attacks."

Previous message: mattmurphyat_private: "KeyFocus KF Web Server File Disclosure Vulnerability"
In reply to: David Endler: "Linksys security contact"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Circa 2002-11-07 09:59:29 -0500 dixit David Endler:

: FYI starting today, Linksys has created the address
: securityat_private to receive information on vulnerabilities within
: any of their products.
: 
: Additionally the iDEFENSE advisory, 10.31.02a: Denial of Service
: Vulnerability in Linksys BEFSR41 EtherFast Cable/DSL Router, has been
: udpated to reflect an official vendor response from Linksys.  Also,
: the analysis section has been refined to address some inaccuracies
: from people reporting on this in the press.
: 
: http://www.idefense.com/advisory/10.31.02a.txt

Q.v.:

: VII. VENDOR RESPONSE
: 
: [...] Internal gozila.cgi attacks only take place if a user
: inadvertently activates a malicious link, file or other form of code,
: just as an email virus is triggered.

Internal attacks also take place if a malicious user intentionally
conducts the attack.  In some network environments, some or all users
may be untrusted.

: [...] All Linksys routers have the "Block WAN Request" feature
: enabled by default as another security measure, preventing them from
: being "pinged," or pinpointed, on the Internet.

However, listeners on the same cable segment can detect a Linksys
router using MAC address techniques even if Block WAN Request is enabled.

: The BEFSR41's latest firmware version 1.43 is available for free
: download at http://www.linksys.com/download/firmware.asp?fwid=1.

Note that, when i upgraded my BEFSR41 to firmware 1.43, the Forwarding
tab stopped working---it only produced a 'Broken pipe' error in the
browser.

Downgrading to 1.42.7 caused the Forwarding tab to work again.

I contacted Linksys support to report this issue, but the response was
not very useful (paraphrase: "Don't upgrade firmware unless it's
necessary.").

Note that, if you move between 1.43 and 1.42.7, you should carefully
check the Filters configuration to ensure that your settings for Block
WAN Request, Multicast Pass Through, etc. have not changed.  Because
the 'SPI' item is removed in firmware 1.43, the settings for Block WAN
Request changed when i upgraded to 1.43, and they changed again when i
downgraded back to 1.42.7.

- -- 
jim knoble  |  jmknobleat_private  |  http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
"I am non-refutable."  --Enik the Altrusian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (Linux)
Comment: See http://www.pobox.com/~jmknoble/keys/ for my public key.

iEYEARECAAYFAj3S33cACgkQKJ/qqBOBFJEwEwCfQ6yWP+VEpChyA5Rp/yyPpR8z
LlYAn2V5heCuy/toRos3IAD6IQfLKO/v
=XdB4
-----END PGP SIGNATURE-----

Next message: EnGarde Secure Linux: "[Full-Disclosure] [ESA-20021114-029] BIND buffer overflow, DoS attacks."
Previous message: mattmurphyat_private: "KeyFocus KF Web Server File Disclosure Vulnerability"
In reply to: David Endler: "Linksys security contact"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Nov 14 2002 - 00:42:20 PST