Haha, yeah I spoke too soon.
Happy Holidays.
Also has anyone looked at the list of devices / vendors that are using that
software?
https://www.allegrosoft.com/about-allegro-software#tabs-896-0-4
Did the vendors know their vendor was giving them buggy software?
What is the test for this vuln?
To: Jay Ashworth
Cc: NANOG
Subject: Re: Ars breaks Misfortune Cookie vulnerability news to public
Here’s the thing I don’t get… You have X provider supplying routers with
vulnerable firmware that have remote support (TR-069) enabled.
Why would Check Point not at least name and shame, instead of
* jav...@advancedmachines.us (Javier J) [Sat 20 Dec 2014, 00:50 CET]:
Glad I'm using a freebsd based routing solution.
Time to update that one too:
https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01
-- Niels.
19:25 <@andrewTO>
http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf has a list
of potentially vulnerable devices
19:25 <@math> andrewTO@opensrs++
/kc
--
Ken Chase - k...@heavycomputing.ca skype:kenchase23 +1 416 897 6284 Toronto
Canada
Heavy Computing - Clued bandwidth, colo
Here’s the thing I don’t get… You have X provider supplying routers with
vulnerable firmware that have remote support (TR-069) enabled.
Why would Check Point not at least name and shame, instead of trying to market
their security? I know the hack is old, but grandma isn’t probably up to date
o
Glad I'm using a freebsd based routing solution.
On Dec 19, 2014 5:54 PM, "Jay Ashworth" wrote:
> While the flaw is 12 years old and the fix 9, the article suggests that
> firmware for consumer routers may yet be being built with the vulnerable
> webserver code baked in.
>
> If you are responsibl
6 matches
Mail list logo
