[Bulk] Re: [Full-disclosure] D-Link DSL routers authentication bypass
francesco.orro at akhela.com
Fri May 20 11:51:58 BST 2005
I found this vulnerability for my job last March. I immediately tried to
contact D-Link since i didn't trust the e-mail for ordinary technical
support. At the beginning of May I managed to submit to D-Link the
vulnerability and I received an answer as you find in the advisory.
Luis Peralta wrote:
> On 5/19/05, Francesco Orro <francesco.orro at akhela.com> wrote:
>>====================== SUMMARY ========================
>> Title: D-Link DSL routers authentication bypass
>> Date: 19 May 2005
>> Author: Francesco Orro <francesco.orro 4t akhela.com>
>>=================== DISCLOSURE HISTORY =====================
>> 2 May 2005 - First private release of this advisory;
>> 4 May 2005 - The vendor (D-Link Mediterraneo S.r.l.) has been informed
>> of the vulnerability;
>> 5 May 2005 - The vendor replid that the problem was resolved on
>> firmware version V1.00B02T02.EU.20040610, but has been
>> demostrated that this version is vulnerable too;
>>19 May 2005 - Public release of this advisory.
> I notified D-Link (soporte at dlink.es) about this issue (I only checked
> it on G604T models) on April 11th. The bug does not only allow to
> download the configuration file, but to completely trojanize the
> device by means of custom firmware uploading. I gave D-Link a two
> month grace period to fix the issue.
> Luis Peralta
Full-Disclosure is hosted and sponsored by Secunia.