Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center

SANS Site Network

Current Site

SANS Internet Storm Center

Other SANS Sites Help

Graduate Degree Programs

Security Training

Security Certification

Security Awareness Training

Penetration Testing

Industrial Control Systems

Cyber Defense Foundations

DFIR

Software Security

Government OnSite Training

InfoSec Handlers Diary Blog

Log In or Sign Up for Free!

DD-WRT Vulnerability

Published: 2009-07-22
Last Updated: 2009-07-22 20:43:54 UTC
by Chris Carboni (Version: 1)

Paul wrote in to let us know about a new vulnerability in DD-WRT that was being reported in the Register at http://www.theregister.co.uk/2009/07/21/critical_ddwrt_router_vuln/.

DD-WRT runs on routers by Linksys, D-Link Buffalo, ASUS and well as other routers. The complete list can be found at http://www.dd-wrt.com/wiki/index.php/Supported_Devices

This vulnerability will allow an attacker to run programs with root priviledges on a vulnerable router.

More information can be found on the DD-WRT Forum at http://www.dd-wrt.com/phpBB2/viewtopic.php?t=55173&postdays=0&postorder=asc&start=0

Christopher Carboni - Handler On Duty

Keywords:

Diary Archives