LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > LinuxQuestions.org > Linux - News > Syndicated Linux News
User Name
Password
Syndicated Linux News This forum is for the discussion of Syndicated Linux News stories.

Notices

Reply
 
Search this Thread
Old 07-23-2009, 01:00 AM   #1
LXer
LXer NewsBot
 
Registered: Dec 2005
Posts: 75,156

Rep: Reputation: 87
LXer: Root vulnerability in DD-WRT free router firmware


Published at LXer:

The management interface of the current stable version of DD-WRT, the free router firmware, suffers a vulnerability that lets attackers run programs with root rights on the router. The vulnerability, described at milw0rm and in the DD-WRT forum, is caused by inadequate handling of meta-characters in the query string in DD-WRT's httpd web server. The server will then run programs even when no session is running.

Read More...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Root Exploit Vulnerability in Kernel 2.6.30 LXer Syndicated Linux News 0 07-21-2009 08:10 PM
LXer: Proprietary Firmware and the Pursuit of a Free Kernel LXer Syndicated Linux News 0 11-29-2008 04:20 PM
LXer: X-Wrt extends OpenWrt router firmware LXer Syndicated Linux News 0 06-18-2007 03:16 PM
LXer: Turn your SOHO router into a powerhouse with DD-WRT LXer Syndicated Linux News 0 09-27-2006 01:33 AM
LXer: Qualys Offers Free Vulnerability Scan Mapped to New Threats ... LXer Syndicated Linux News 0 05-08-2006 03:33 PM


All times are GMT -5. The time now is 07:05 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration