NETGEAR WGT624 Wireless DSL Firewall/Router vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: NETGEAR WGT624 Wireless DSL Firewall/Router vulnerability
From: info@xxxxxxxxxxxxx
Date: 26 Feb 2006 10:00:48 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

When configured to backup configuration settings, the device will store various 
information in cleartext. Accessing this file could allow an attacker to obtain 
sensitive information which could aid the attacker in compromising the web 
administration interface of the device, DSL/cable account passwords, FTP 
passwords,etc. 

It should be noted that the backup option is not enabled by default, but is a 
common feature used by administrators and attackers of course ;)

Prev by Date: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability
Next by Date: Re: URL filter bypass in Fortinet
Previous by thread: Re: Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability
Next by thread: [FLSA-2006:177326] Updated mod_auth_pgsql package fixes security issue
Index(es):
- Date
- Thread