[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Linksys/Cisco WRT350N 1.0.3.7 shipping with insecure and static samba configuration

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Linksys/Cisco WRT350N 1.0.3.7 shipping with insecure and static samba configuration
From: "Teh Kotak" <kotak.teh@xxxxxxxxx>
Date: Fri, 26 Sep 2008 19:29:47 +0700

As of today 25 September 2008, I am using the latest 1.0.3.7 firmware for my
region (Singapore), US also use this version.

1/ Outdated Samba 3.0.2, vulnerable to numerous security holes.

2/ Default admin:admin user

3/ Default open guest user, noway to disable it

4/ It is impossible to disable SAMBA completely! This is a wireless access
point/router... I don't want this shit insecure crap.

Cisco/Linksys engineers must stop sucking!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] OFFTOPIC - moderated subset of list is back
Next by Date: [Full-disclosure] Fwd: Supporters urge halt to hacker's extradition to US
Previous by thread: Re: [Full-disclosure] OFFTOPIC - moderated subset of list is back
Next by thread: [Full-disclosure] Fwd: Supporters urge halt to hacker's extradition to US
Index(es):
- Date
- Thread