Network Security: Detailed info on Re: Router ZyXEL Prestige 650 HW http remote admin.

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: Router ZyXEL Prestige 650 HW http remote admin.

from [Laurent Papier] Network Security

[Permanent Link]

Subject:	Re: Router ZyXEL Prestige 650 HW http remote admin.
Date:	Wed, 24 Nov 2004 11:32:12 +0100

On Tue, 23 Nov 2004 01:02:39 +0100 (CET)
Hugo van der Kooij <hvdkooij@vanderkooij.org> wrote:

On Sun, 21 Nov 2004, Francisco José Canela wrote:


Hi, I found a bug in ZyXEL Prestige 650 HW Routers with Http Remote 
Administration active.


...

Could you include relevant details? Like:

Which firmware?


I can confirm the problem on this model:
Prestige 645R-A1, ZyNOS S/W Version: V3.40(GJ.4)| 4/12/2004.

$ curl -I zyxel/rpFWUpload.html
HTTP/1.1 200 OK
Content-Type: text/html
Date: Wed, 24 Nov 2004 11:30:02 GMT
Pragma: no-cache
Expires: Thu, 26 Oct 1995 00:00:00 GMT
Transfer-Encoding: chunked
Server: RomPager/4.07 UPnP/1.0

-- 
Laurent Papier - 03 88 75 80 50
Admin. systeme - Sdv Plurimedia - <http://www.sdv.fr/>

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Router ZyXEL Prestige 650 HW http remote admin., Josi Re: Router ZyXEL Prestige 650 HW http remote admin., Hugo van der Kooij Re: Router ZyXEL Prestige 650 HW http remote admin., Laurent Papier <= Re: Router ZyXEL Prestige 650 HW http remote admin., Steve Clement

Previous by Date:	Re: [SIG^2 G-TEC] Prevx Home v1.0 Instrusion Prevention Features Can Be Disabled by Direct Service Table Restoration, Ralph Harvey
Next by Date:	[Full-Disclosure] Re: Sun Java Plugin arbitrary package access vulnerability, Alla Bezroutchko
Previous by Thread:	Re: Router ZyXEL Prestige 650 HW http remote admin., Hugo van der Kooij
Next by Thread:	Re: Router ZyXEL Prestige 650 HW http remote admin., Steve Clement
Indexes:	[Date] [Thread] [Top] [All Lists]