Netgear Vulnerability - Disclosure Notification

By Tom on 6 July 2009
Last month I released a couple of 0day Netgear vulnerabilities.  I had been sitting on them for a couple of years.  Anyway, "NWN Security" picked up on the long period between discovery and disclosure.  I have been so busy over the past few years that I literally forgot about these vulnerabilities and just 'shelved' them in a text file.  I was not making all your Netgear routers belong to US (well, technically... UK) during that two year period, I promise.

Anyhow, he wrote a nice blog entry on why these vulnerabilities shouldn't be overlooked and seen as affecting the personal home user only.  It's a nice article he does talk sense.

You can hook up with it here.

Categories:

Tags:

Tag Cloud

Other Posts

Introducing Ncrack, a Network Brute Forcer on Crack
"Ncrack is an open source tool for network authentication cracking. It was designed for high-speed parallel cracking using a dynamic…
Hash Me Up (Mac OS X Styleee)
On a good day you'll catch me on my MacBook Pro like any other Apple fanboy.  However, I was on…
Kneber Botnet - The End is Nigh! Not Quite!
Just a quick one this morning...  A botnet has been discovered that has apparently hijacked more than 75,000 boxes across…
Web 2.0 + People = New Challenges
This article originally appeared on Verizon Business' ThinkForward blog.  It is written by me with a different audience in mind…
Nmap 5.20 released
More than 150 significant improvements,30+ new Nmap Scripting Engine (NSE) scriptsEnhanced Performance and Reduced Memory ConsumptionProtocol-specific Payloads for more Effective…
BackTrack Final 4 released
BackTrack 4 (Final) is officially released. If you didn't already know, "BackTrack is a Linux-based penetration testing arsenal that aids…
Second GSM Cipher Fail - A5/3
The GSM encryption algorithm A5/1 has been known to be broken for some time now... about 10 years to be…
Attack on PHP sessions and random numbers
PHP random numbers and session IDs weaker than thought.  Proof of concept code and further information at http://samy.pl/phpwn/…
Friend or foe? Automated Malware Analysis and Identification
I am doing a PhD on the subject so it's only right I post something up related to it.  Whether…
Give us a flash! Introducing SWFScan, the Flash Security Scanner
The nice people at the Web Security Research Group over at HP have created a bit of goodness that will…