[Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability

Grok Headline matches for [Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability

Re: [Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability

Re: [Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability 05/28/2004 12:24 PM
Seth Alan Woolley (May 27 2004)

[Full-Disclosure] iDEFENSE Security
Advisory 05.26.04: 3Com OfficeConnect
Remote 812 ADSL Router Telnet Protocol
Denial of Service Vulnerability

[Full-Disclosure] iDEFENSE Security
Advisory 05.26.04: 3Com OfficeConnect
Remote 812 ADSL Router Telnet Protocol
Denial of Service Vulnerability 05/26/2004 03:00 PM
idlabs-advisories_at_idefense.com (May 26 2004)

[Full-Disclosure] iDEFENSE Security
Advisory 04.13.04 - Microsoft Help and
Support Center Argument Injection
Vulnerability

[Full-Disclosure] iDEFENSE Security
Advisory 04.13.04 - Microsoft Help and
Support Center Argument Injection
Vulnerability 04/14/2004 03:47 PM
idlabs-advisories_at_idefense.com (Apr 13 2004)

[Full-Disclosure] iDEFENSE Security
Advisory 04.15.04: RealNetworks Helix
Universal Server Denial of Service
Vulnerability

[Full-Disclosure] iDEFENSE Security
Advisory 04.15.04: RealNetworks Helix
Universal Server Denial of Service
Vulnerability 04/15/2004 09:06 PM
idlabs-advisories_at_idefense.com (Apr 15 2004)

Vulns: Motorola WR850G Wireless Router
Remote Authentication Bypass
Vulnerability

Vulns: Motorola WR850G Wireless Router
Remote Authentication Bypass
Vulnerability 09/26/2004 05:11 PM
SecurityFocus Sep 26 2004 8:09PM GMT

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview Information Disclosure
Vulnerability

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview Information Disclosure
Vulnerability 04/07/2005 10:50 PM
Posted by iDEFENSE Labs, Apr 07 2005

iDEFENSE Security Advisory 12.21.04:
Hewlett Packard HP-UX ftpd Remote Buffer
Overflow Vulnerability

iDEFENSE Security Advisory 12.21.04:
Hewlett Packard HP-UX ftpd Remote Buffer
Overflow Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

iDEFENSE Security Advisory 09.16.04:
Ipswitch WhatsUp Gold Remote Denial of
Service Vulnerability

iDEFENSE Security Advisory 09.16.04:
Ipswitch WhatsUp Gold Remote Denial of
Service Vulnerability 09/16/2004 09:22 PM
customer service mailbox (Sep 16 2004)

iDEFENSE Security Advisory 03.21.05: Mac
OS X CF_CHARSET_PATH Buffer Overflow
Vulnerability

iDEFENSE Security Advisory 03.21.05: Mac
OS X CF_CHARSET_PATH Buffer Overflow
Vulnerability 03/22/2005 05:13 PM
iDefense Customer Service (Mar 21 2005)

[Full-Disclosure] Java Runtime
Environment Remote Denial-of-Service
(DoS) Vulnerability

[Full-Disclosure] Java Runtime
Environment Remote Denial-of-Service
(DoS) Vulnerability 12/28/2004 07:20 PM
Marc Schoenefeld (Dec 22 2004)

Re: iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability

Re: iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability 12/28/2004 03:27 PM
Marcus Meissner (Dec 27 2004)

iDEFENSE Security Advisory 04.06.05: IBM
Lotus Domino Server Web Service DoS
Vulnerability

iDEFENSE Security Advisory 04.06.05: IBM
Lotus Domino Server Web Service DoS
Vulnerability 04/06/2005 05:45 PM
Posted by iDEFENSE Labs, Apr 06 2005

iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability

iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

iDEFENSE Security Advisory 04.12.05:
Microsoft MSHTA Script Execution
Vulnerability

iDEFENSE Security Advisory 04.12.05:
Microsoft MSHTA Script Execution
Vulnerability 04/12/2005 04:17 PM
Posted by iDEFENSE Labs, Apr 12 2005

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview File Overwrite
Vulnerability

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview File Overwrite
Vulnerability 04/07/2005 10:50 PM
Posted by iDEFENSE Labs, Apr 07 2005

iDEFENSE Security Advisory 02.17.04:
Ipswitch IMail LDAP Daemon Remote Buffer
Overflow

iDEFENSE Security Advisory 02.17.04:
Ipswitch IMail LDAP Daemon Remote Buffer
Overflow 02/17/2004 06:25 PM
iDefense Labs (Feb 17 2004)

iDEFENSE Security Advisory 04.12.05:
Microsoft Windows CSRSS.EXE Stack
Overflow Vulnerability

iDEFENSE Security Advisory 04.12.05:
Microsoft Windows CSRSS.EXE Stack
Overflow Vulnerability 04/12/2005 04:17 PM
Posted by iDEFENSE Labs, Apr 12 2005

Re: iDEFENSE Security Advisory 12.16.04:
MPlayer MMST Streaming Stack Overflow
Vulnerability

Re: iDEFENSE Security Advisory 12.16.04:
MPlayer MMST Streaming Stack Overflow
Vulnerability 12/19/2004 03:48 PM
Hideki Yamane (Dec 16 2004)

iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client env_opt_add()
Buffer Overflow Vulnerability

iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client env_opt_add()
Buffer Overflow Vulnerability 03/28/2005 07:59 PM
iDEFENSE Labs (Mar 28 2005)

iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client slc_add_reply()
Buffer Overflow Vulnerability

iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client slc_add_reply()
Buffer Overflow Vulnerability 03/28/2005 07:59 PM
iDEFENSE Labs (Mar 28 2005)

iDEFENSE Security Advisory 12.21.04:
libtiff Directory Entry Count Integer
Overflow Vulnerability

iDEFENSE Security Advisory 12.21.04:
libtiff Directory Entry Count Integer
Overflow Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

Re: iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client slc_add_reply()
Buffer Overflow Vulnerability

Re: iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client slc_add_reply()
Buffer Overflow Vulnerability 03/28/2005 07:59 PM
Solar Designer (Mar 28 2005)

iDEFENSE Security Advisory 04.08.05:
Microsoft Multiple E-Mail Client Address
Spoofing Vulnerability

iDEFENSE Security Advisory 04.08.05:
Microsoft Multiple E-Mail Client Address
Spoofing Vulnerability 04/09/2005 05:51 PM
Posted by iDEFENSE Labs, Apr 08 2005

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor xpdf PDF Viewer Buffer
Overflow Vulnerability

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor xpdf PDF Viewer Buffer
Overflow Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

RE: iDEFENSE Security Advisory 04.08.05:
Microsoft Multiple E-Mail Client Address
Spoofing Vulnerability

RE: iDEFENSE Security Advisory 04.08.05:
Microsoft Multiple E-Mail Client Address
Spoofing Vulnerability 04/12/2005 11:07 PM
Posted by Larry Seltzer, Apr 09 2005

iDEFENSE Security Advisory 09.22.04 -
Sophos Small Business Suite Reserved
Device Name Handling Vulnerability

iDEFENSE Security Advisory 09.22.04 -
Sophos Small Business Suite Reserved
Device Name Handling Vulnerability 09/22/2004 02:20 PM
customer service mailbox (Sep 22 2004)

iDEFENSE Security Advisory 04.12.05:
Microsoft Internet Explorer DHTML Engine
Race Condition Vulnerability

iDEFENSE Security Advisory 04.12.05:
Microsoft Internet Explorer DHTML Engine
Race Condition Vulnerability 04/12/2005 04:17 PM
Posted by iDEFENSE Labs, Apr 12 2005

Cisco Security Advisory: Vulnerability
in Authentication Library for ACNS

Cisco Security Advisory: Vulnerability
in Authentication Library for ACNS 12/10/2003 01:52 PM
Cisco Systems Product Security Incident Response Team (Dec 10 2003)

STG Security Advisory: [SSA-20041224-21]
File extensions restriction bypass
vulnerability in GNUBoard

STG Security Advisory: [SSA-20041224-21]
File extensions restriction bypass
vulnerability in GNUBoard 01/03/2005 02:17 PM
advisory_at_stgsecurity.com (Jan 02 2005)

iDEFENSE Security Advisory 09.15.04: GNU
Radius SNMP String Length Integer
Overflow Denial of Service Vulnerability

iDEFENSE Security Advisory 09.15.04: GNU
Radius SNMP String Length Integer
Overflow Denial of Service Vulnerability 09/16/2004 05:38 AM
customer service mailbox (Sep 15 2004)

iDEFENSE Security Advisory 04.12.05:
Microsoft Windows Internet Explorer Long
Hostname Heap Corruption Vulnerability

iDEFENSE Security Advisory 04.12.05:
Microsoft Windows Internet Explorer Long
Hostname Heap Corruption Vulnerability 04/12/2005 04:17 PM
Posted by iDEFENSE Labs, Apr 12 2005

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor Xine version 0.99.2 PNM
Handler PNA_TAG Heap Overflow
Vulnerability

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor Xine version 0.99.2 PNM
Handler PNA_TAG Heap Overflow
Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor Xine version 0.99.2 PNM
Handler Negative Read Length Heap
Overflow Vulnerability

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor Xine version 0.99.2 PNM
Handler Negative Read Length Heap
Overflow Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

STG Security Advisory: [SSA-20031025-05]
InfronTech WebTide 7.04 Directory and
File Disclosure Vulnerability

STG Security Advisory: [SSA-20031025-05]
InfronTech WebTide 7.04 Directory and
File Disclosure Vulnerability 10/29/2003 12:30 PM
advisory_at_stgsecurity.com (Oct 28 2003)

Re: [Full-Disclosure] Public Review of
OIS Security Vulnerability Reporting and
Response Guidelines

Re: [Full-Disclosure] Public Review of
OIS Security Vulnerability Reporting and
Response Guidelines 07/05/2004 02:38 PM
dave (Jul 04 2004)

Re: [Dailydave] Re: [Full-Disclosure]
Public Review of OIS Security
Vulnerability Reporting and Response
Guidelines

Re: [Dailydave] Re: [Full-Disclosure]
Public Review of OIS Security
Vulnerability Reporting and Response
Guidelines 07/05/2004 02:38 PM
Halvar Flake (Jul 05 2004)

Cisco Security Advisory: Cisco Personal
Assistant User Password Bypass
Vulnerability

Cisco Security Advisory: Cisco Personal
Assistant User Password Bypass
Vulnerability 01/08/2004 08:28 PM
Cisco Systems Product Security Incident Response Team (Jan 08 2004)

MADSHEEP-05SA (security advisory):
WebHints <= v1.03 Remote Command
Execution Vulnerability

MADSHEEP-05SA (security advisory):
WebHints <= v1.03 Remote Command
Execution Vulnerability 06/17/2005 04:53 PM
Posted by Emanuele \, Tuesday, 14 June

Mailworks User Authentication Bypass
Vulnerability

Mailworks User Authentication Bypass
Vulnerability 09/07/2004 01:32 AM

Direct and Related Links for 'Mailworks User Authentication Bypass Vulnerability'

“CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote Paul Craig has reported a vulnerability in Mailworks, which can be exploited by malicious people to bypass the user authentication. The problem is that the application doesn’t verify if a user is logged on. It merely checks if a cookie with the appropriate “uId” and “auth” parameters is set. Successful exploitation allows a malicious person to log on as any user. SOLUTION: The vendor has reportedly…
Grok Description matches for [Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability
GrokA matches for [Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability

Motorola Wireless Router WR850G
Authentication Circumvention

Motorola Wireless Router WR850G
Authentication Circumvention 09/25/2004 01:36 PM
Daniel Fabian (Sep 23 2004)

Wireless Modem (BT Voyager 2000 Wireless
ADSL Router cleartext password)

Wireless Modem (BT Voyager 2000 Wireless
ADSL Router cleartext password) 06/22/2004 08:18 PM
Konstantin V. Gavrilenko (Jun 21 2004)

Help with wireless router!

Help with wireless router! 09/07/2004 07:09 AM

Direct and Related Links for 'Help with wireless router!'

An ExtremeTech reader writes in for help with their wireless router. Apparently once the laptop is connected, their desktop has no Internet access whatsoever! The advice they received matchs what I would have recommended in my column featured in IT Professionals, Just ask Matt….

Top Tip: Help with wireless router!

Top Tip: Help with wireless router! 09/02/2004 11:35 AM
After setting up the router following the instructions in the manual I can access the internet just fine through my desktop BUT only when the WLAN adapter in the laptop is off.

Top Tip: Should I get a wireless router?

Top Tip: Should I get a wireless router? 04/14/2004 11:49 AM
What type of router shold I get, and would wireless be the most logical solution? Will I lose a lot of speed with wireless, or not?

Wireless Application Protocol

Wireless Application Protocol 07/08/2002 10:50 PM
CNET Jul 8 2002 10:13PM ET

Wireless Router for 3G Networks

Wireless Router for 3G Networks 07/06/2004 10:14 AM
3G Jul 6 2004 1:26PM GMT

A Wireless Application Protocol primer

A Wireless Application Protocol primer 07/04/2002 12:18 AM
CNET Jul 3 2002 11:49PM ET

Top Tip: Maximum number of PCs on a
wireless router?

Top Tip: Maximum number of PCs on a
wireless router? 04/20/2004 11:27 PM
I have a wireless, 4 port (for hard wired) router. Can I have unlimited wireless connections to this? Is the "4" related to the physical ports only?

Linksys WRT54GS Wireless-G router

Linksys WRT54GS Wireless-G router 06/13/2004 09:42 PM
CNET Jun 14 2004 0:30AM GMT

New: NetGear Wireless Travel Router

New: NetGear Wireless Travel Router 06/29/2004 10:41 AM
NetGear released the WGR101 54 Mbps Wireless Travel Router, a pocket-size 802.11g wireless router measuring 0.7 x 2.3 x 3.4 inches.

D-Link Wireless Pocket Router/AP

D-Link Wireless Pocket Router/AP 08/13/2004 12:19 PM

Following Apple and SMC's lead, D-Link is releasing a travel-sized Wi-Fi access point, the "Wireless Pocket Router/AP." Among other tricks, the D-Link DWL-G730AP can receive power over USB, sort of an odd twist that would mean your handy pocket router all the sudden would tie your laptop back into the wall (unless you brought two laptops, natch). Looks decent, all-in-all, and much more attractive than the SMC (and dare I say the AirPort Express?)

Expect it in mid-September for around $100.

Read - D-Link debuts travel wireless AP [NWFusion]

Related
SMC Bests Airport Express: SMCWRK-G [Gizmodo]
AirPort Express Reviewed [Gizmodo]

D-Link DI-624 802.11g Wireless Router
Vulnerabilities

D-Link DI-624 802.11g Wireless Router
Vulnerabilities 07/07/2004 04:44 AM
“Gregory Duchemin has reported multiple vulnerabilities in D-Link DI-624, which can be exploited by malicious people to cause a DoS (Denial of Service) or conduct script insertion attacks….The vulnerabilities have been reported in firmware release 1.28 for Revision B. Other versions may also be affected. Solution: Disable the DHCP service.”

New wireless network protocol for
multi-hop networks

New wireless network protocol for
multi-hop networks 05/27/2004 09:26 PM

Microsoft MN-500 Wireless Router
Web-Based Administration DoS

Microsoft MN-500 Wireless Router
Web-Based Administration DoS 06/22/2004 11:56 PM
Kurczaba Associates advisories (Jun 20 2004)

54 Mbps Wireless Travel Router released

54 Mbps Wireless Travel Router released 06/30/2004 01:16 AM
NetGear has launched the WGR101 54Mbps Wireless Travel Router, a US$99 pocket-sized 802.11g router to enable wireless access during travel...

Netgear WGR101 Wireless Travel Router

Netgear WGR101 Wireless Travel Router 06/28/2004 11:18 AM

Netgear's got a new "Wireless Travel Router," the WGR101, a pint-sized 802.11g device designed to provide WiFi in hotel rooms or anywhere else you might need it. A built in "double firewall" provides security in addition to 64 or 128-bit WEP and (when they get the drivers done, it looks like) WPA upgradeable. No idea what sort of coverage range it will provide, but if you need a WiFi router you can toss in a bag, the 0.7 x 2.3 x 3.4 inch WGR101 can be had for about 100 bucks.
Read [DesignTechnica]

WRT54GC Compact Wireless-G Router Review

WRT54GC Compact Wireless-G Router Review 03/26/2005 07:07 AM

Turn your Wireless router into a Boingo
Hotspot

Turn your Wireless router into a Boingo
Hotspot 04/23/2004 02:52 AM
Warning if you are utilizing a consumer broadband account it is probably illegal for you to re-sell your bandwidth. But...

Netgear's Super Wireless Media Router

Netgear's Super Wireless Media Router 01/06/2004 01:06 PM
New wireless router from Netgear designed specifically for sharing audio and video files in a home network. The WGT634U Super Wireless Media Router uses Netgear's...

Router wireless Ya.com y 3Com contiene
codigo GPL

Router wireless Ya.com y 3Com contiene
codigo GPL 01/07/2004 06:13 PM

New protocol promises to smash Gigabit
wireless impasse

New protocol promises to smash Gigabit
wireless impasse 04/09/2004 11:44 PM

D-Link intros AirPlus Wireless Pocket
Router/AP

D-Link intros AirPlus Wireless Pocket
Router/AP 08/12/2004 05:18 PM
D-Link announced on Thursday the introduction of its new AirPlus Wireless Pocket Router/AP (Access Point), a device slightly smaller than a typical PDA that allows travelers to access and share wireless Internet connections while on the road. It features 802.11b and 802.11g compatibility, the ability to power itself over a USB port with the included adapter and three modes: router/firewall, access point and wireless client. In router mode, the device offers a firewall, an internal DHCP server for distributing IP addresses and support for VPN pass-through.

Apple builds wireless hi-fi bridge with
pocket router

Apple builds wireless hi-fi bridge with
pocket router 06/07/2004 04:01 PM
Plug and stream

Linksys WRT54G Wireless-G Broadband
Router Easily Exploited

Linksys WRT54G Wireless-G Broadband
Router Easily Exploited 06/03/2004 01:35 PM

Heads up, ye owners of the popular Linksys WRT54G Wireless-G Broadband Router. Even if you disable remote administration, the router will still allow users sharing your WiFi network to access administration web pages. That's not the end of the world unless you haven't changed your admin password, which if you're like most of us, coddled by fire-and-forget technology, you probably haven't. If you aren't taking any more steps to secure your router, at least do yourself a favor and change the default password to something else, preferably not the name of a pet, child, or the lady down the hall you've been sleeping with that you think, hey, nobody knows about but really, seriously, we all totally know.
Read [InternetNews via /.]

Update: Looks like it's not quite as bad as it could be, as the exploit only works if the built-in firewall has been disabled (it defaults to on). Still, wouldn't this be a great time to verify your settings?
Read [LinksysInfo]

Microsoft MN-500 Wireless Router
Web-Based Administration Denial of
Service

Microsoft MN-500 Wireless Router
Web-Based Administration Denial of
Service 06/21/2004 09:27 AM
“A vulnerability has been found in the Microsoft MN-500 Wireless Router…A user can deny access to the web-based administration by establishing 30 connections to the web-based administration port (80). Until the connections are closed, the router administrator cannot access the web-based administration.”

Google Lockergnome

SMC’s Wireless Cable Modem Router Among
First to Receive CableHome 1.1
Certification

SMC’s Wireless Cable Modem Router Among
First to Receive CableHome 1.1
Certification 05/31/2004 02:06 PM
SMC® Networks EZ Connect™ Wireless Cable Modem Router, SMC8013WG, has received CableHome™ 1.1 certification from CableLabs®. [PRWEB May 27, 2004]

Linksys WRT54G Wireless-G Router,
Notebook Adapter, $20 Gift Certificate
for $88

Linksys WRT54G Wireless-G Router,
Notebook Adapter, $20 Gift Certificate
for $88 08/04/2004 01:31 PM

Okay, this on is a little hard to follow, but it's worth it, so stick with me. Amazon has the Linksys WRT54G Wireless-G router (the one that runs Linux that you can flash with the magic firmware to make it do all sorts of interesting tricks) bundled with a Wireless-G notebook card for $108 (there's a "Better Together" link on the product page). If you buy both, you can use the $10 rebate on both to save $20, then go on to qualify for a $20 gift certificate on future Amazon shopping.

So basically you're getting a really nice, tinker-ready Wi-Fi router for $68 with free shipping. Not a bad deal at all, but if you still aren't seeing why this is a good deal, you probably wouldn't want one in the first place.

Read - WRT54G Product Page [Amazon via Slickdeals]
Look - Rebate Image (Use this twice) [Amazon]
Read - $20 Gift Certificate Info [Amazon]

Related
Linksys WRT54G Wireless-G Broadband Router Easily Exploited [Gizmodo]

[Full-Disclosure] iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability