Results 1 to 15 of 130

Thread: Внимание! Безопасность Linux-based MIPSel роутеров!

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #17
    Join Date
    Mar 2008
    Location
    Korolev
    Posts
    2
    Quote Originally Posted by AlexeyS View Post
    У нас уже давно miniupnpd вместо нее.
    Не одна libupnp уязвима, miniupnp 1.0 тоже
    Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.
    http://web.nvd.nist.gov/view/vuln/de...=CVE-2013-0230
    Я проверил на своем RT-N16: на заводской прошивке 3.0.0.4.260 с включенным UPnP для теста Rapid7 оказался неуязвим.
    По данным Rapid7: "332 products use MiniUPnPd version 1.0, which is remotely exploitable. Over 69% of all MiniUPnPd fingerprints were version 1.0 or older."
    Last edited by hairpin; 02-02-2013 at 18:43.

Similar Threads

  1. Oscam fьr Mipsel Router
    By N3m3515 in forum German Discussion - Deutsch (DE)
    Replies: 7
    Last Post: 28-03-2015, 05:31
  2. Безопасность SSH (dropbear)
    By SergeyVl in forum Russian Discussion - РУССКИЙ (RU)
    Replies: 309
    Last Post: 28-02-2013, 14:09
  3. Replies: 2
    Last Post: 24-03-2009, 17:18
  4. New 1.0.4.6 based custom firmware
    By kfurge in forum WL-700g Firmware Discussion
    Replies: 272
    Last Post: 20-11-2007, 17:15
  5. Recompiling with mipsel
    By smarechal in forum WL-500g Custom Development
    Replies: 6
    Last Post: 21-03-2005, 12:48

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •