Quoting informatik.koerfer (at) web (dot) de [email concealed]:
>In-Reply-To: <20021106185730.15557.qmail (at) mail.securityfocus (dot) com [email concealed]>
>>> Possibly vulnerable, not tested, OEM Version from GlobalSunTech:
>>> D-Link DWL-900AP+ B1 version 2.1 and 2.2
<snip>
>>The D-Link DWL-900AP+ B1 2.1 isn't affected.
> I'm sorry, this device IS vulnerable, I believe ALL others are as well.
> The source code posted is only a proof of concept, slight modifications
> will deliver the correct result.
>
<snip>
Just a little FYI:
I Upgraded to the latest firmware located on the support.dlink.com site, It
seems as though this is vulnerable as well and returns:
(The Wep Key, Admin password, and SSID have been changed to protect the
innocent)
Again, this is the latest firmware located on the dlink support site:
Firmware Version 2.3 , Tue, 29 Sep 2002
Which was apparently relased on the 4th November 2002, as per the information
on their site. The site clearly explains though that it is only an upgrade to
secure TFTP and nothing else though.
The informaion was extracted using the "Altered Test Prog" (and a bit of
tweeking) that /håkan supplied in previous posts. Correct me if I'm wrong, and
being quite new to the security scene, I imagine I would be, but wouldnt the
most logical step for firewalling, to update a ruleset that doesnt allow
network wide broadcasts, if it can be helped that is?
If anyone needs me to run some more tests, just let me know what to run.
Cheers
-TenTaCLE
-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/
>In-Reply-To: <20021106185730.15557.qmail (at) mail.securityfocus (dot) com [email concealed]>
>>> Possibly vulnerable, not tested, OEM Version from GlobalSunTech:
>>> D-Link DWL-900AP+ B1 version 2.1 and 2.2
<snip>
>>The D-Link DWL-900AP+ B1 2.1 isn't affected.
> I'm sorry, this device IS vulnerable, I believe ALL others are as well.
> The source code posted is only a proof of concept, slight modifications
> will deliver the correct result.
>
<snip>
Just a little FYI:
I Upgraded to the latest firmware located on the support.dlink.com site, It
seems as though this is vulnerable as well and returns:
Type : GL2422AP-00-0M0 T1.0 -042.3
Announced Name: DWL-900AP+
Admin Username: admin
Admin Password: admin
SSID : default
Wep Key : 00 00 00 00 00 00 00 00 00 00 00 00 00
(The Wep Key, Admin password, and SSID have been changed to protect the
innocent)
Again, this is the latest firmware located on the dlink support site:
Firmware Version 2.3 , Tue, 29 Sep 2002
Which was apparently relased on the 4th November 2002, as per the information
on their site. The site clearly explains though that it is only an upgrade to
secure TFTP and nothing else though.
The informaion was extracted using the "Altered Test Prog" (and a bit of
tweeking) that /håkan supplied in previous posts. Correct me if I'm wrong, and
being quite new to the security scene, I imagine I would be, but wouldnt the
most logical step for firewalling, to update a ruleset that doesnt allow
network wide broadcasts, if it can be helped that is?
If anyone needs me to run some more tests, just let me know what to run.
Cheers
-TenTaCLE
-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/
[ reply ]