[MLB-WIRELESS] Netgear WG602 AP backdoor admin account
from johnno
fromjohnno at hotmail.com
Thu Jun 10 17:02:49 EST 2004
well I can say its not working on my WG602 Ver.2 :)
so I'm happy about that!
John
>From: Chris Samuel <chris at csamuel.org>
>To: <melbwireless at wireless.org.au>
>Subject: [MLB-WIRELESS] Netgear WG602 AP backdoor admin account
>Date: Sun, 6 Jun 2004 10:23:31 +1000
>MIME-Version: 1.0
>Received: from mc9-f11.hotmail.com ([65.54.166.18]) by mc9-s15.hotmail.com
>with Microsoft SMTPSVC(5.0.2195.6824); Sat, 5 Jun 2004 17:32:09 -0700
>Received: from www.wireless.org.au ([202.161.127.82]) by
>mc9-f11.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Sat, 5 Jun 2004
>17:32:08 -0700
>Received: (from majordomo at localhost)by www.wireless.org.au (8.11.6/8.11.6)
>id i560SGb18691for melbwireless-list; Sun, 6 Jun 2004 10:28:16 +1000
>Received: from inside.csamuel.org (203-219-126-22-vic.tpgi.com.au
>[203.219.126.22])by www.wireless.org.au (8.11.6/8.11.6) with ESMTP id
>i560NdL18632for <melbwireless at wireless.org.au>; Sun, 6 Jun 2004 10:23:39
>+1000
>Received: by inside.csamuel.org (Postfix, from userid 501)id 05FA33E87;
>Sun, 6 Jun 2004 10:23:37 +1000 (EST)
>X-Message-Info: TSNaxu8CDofun9u8eOxPrJtUJ0fW9JHdrAB+XlhdnZ4=
>X-Authentication-Warning: www.wireless.org.au: majordomo set sender to
>owner-melbwireless at wireless.org.au using -f
>User-Agent: KMail/1.4.3
>Message-Id: <200406061023.36841.chris at csamuel.org>
>Precedence: list
>Return-Path: owner-melbwireless at wireless.org.au
>X-OriginalArrivalTime: 06 Jun 2004 00:32:09.0101 (UTC)
>FILETIME=[B3A233D0:01C44B5D]
>
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Posted on the Bugtraq list, reference on /.
>
> http://www.securityfocus.com/archive/1/365069
>
>"The webinterface which is reachable from both interfaces (LAN/WLAN)
>contains an undocumented administrative account which cannot be disabled."
>
>"A search on Google revealed that "5777364" is actually the phonenumber
>of z-com Taiwan which develops and offers WLAN equipment for its OEM
>customers."
>
>"Systems Affected
>- ----------------
>
> Vulnerable (verified)
> WG602 with Firmware Version 1.04.0
>
> Possibly vulnerable (not verified)
> WG602 with other Firmware Versions
> WG602v2
> All other z-com derived WLAN Accesspoints"
>
>- --
> Chris Samuel : http://www.csamuel.org/ : Melbourne, VIC
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.0.7 (GNU/Linux)
>
>iQEVAwUBQMJkB41yjaOTJg85AQGtOQf/bGI2/1jr7VkSVG0cTsWqUMVXm7i8Qs/J
>Ta80ruGOwxwdqkZwLmk6jR+V79cfOemcDAGousioH8prW2pV3MewS7wZhlJ//g0A
>9/3tWrWheqryDCLrW7sIy7f+WywMuhit2xpD6G47pv5VWhdRZbbp9bZTt8KooHk3
>xiJ1zA2QoCPs8Y60l3qvCf1o7u2e5TvtrJ9F4HF21mGKZSbpPchMFiCEETD6KsfG
>RQ6ossppzmxQ5CE7Vb6m39BC+wvRLFgVKSdUTZNALGhqmPOVCDF1XQYm+oQcUR/V
>Ji4vwbgsVRFba4wp/PbNvHgGpNOAbF+QiYfOHqYBJ38aCOttxq4A0w==
>=Zyo0
>-----END PGP SIGNATURE-----
>
>To unsubscribe: send mail to majordomo at wireless.org.au
>with "unsubscribe melbwireless" in the body of the message
>
_________________________________________________________________
Open an Online Savings Account today & collect a bonus $30*!
http://clk.atdmt.com/1DG/go/hsb005000991dg/direct/01/
To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message
More information about the Melbwireless
mailing list