Many thanks for that information, I have now changed my Zebra password.
To anyone wishing to carry out the same, its not the easiest thing to carry
out so read the docs carefully and also the terminal "list" instructions.
Maybe Netgear should have included this as part of their setup interface, or
just a mention in their docs would have been good, as I suspect a clever
hack could cause damage with access to this software.
Regards and again my thanks
Paul James
-----Original Message-----
From: Rodrigo Barbosa [mailto:rodrigob@suespammers.org]
Sent: 25 August 2004 23:16
To: Paul James
Cc: bugtraq@securityfocus.com
Subject: Re: NETGEAR DG834G SPECIAL FEATURES
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Probably related to this:
URL : http://www.zebra.org/
Summary : Zebra Multiprotocol Routing Daemon
Description :
Zebra is a multi-server routing software package which provides TCP/IP based
routing protocols also with IPv6 support such as RIP, OSPF, BGP and so on.
Zebra turns your machine into a full powered router.
On Tue, Aug 24, 2004 at 12:37:17AM -0000, Paul James wrote:
In-Reply-To: <20040812173908.5199.qmail@www.securityfocus.com>
My DG834 (non-wireless) also appears vulnerable to the ZEBRA problem, but
only on port 2602.
How does one go about changing this password from the default?
And what does this ZEBRA service offer?
Unable to find documentation on this.
Regards
- --
Rodrigo Barbosa <rodrigob@suespammers.org> "Quid quid Latine dictum sit,
altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFBLQ+FpdyWzQ5b5ckRApA6AJ9gGG6y9MxPk6dv5kqN3xixavaHFgCeJWfN
HjnOhH0pA2S1p1j7vmsxx6U=
=2c5E
-----END PGP SIGNATURE-----
