From Security Weekly WikiJump to navigationJump to search
, 18:16, 30 September 2008
[http://securityvulns.com/news/Linksys/WRT350N/UA.html Linksys WRT350N unauthorized access] - [PaulDotCom] - So, this is perhaps one of the lamest vuln write-ups, but lets go through it anyway:
* Router contains and "Outdated Samba 3.0.2, vulnerable to numerous security holes." Okay, well, that sucks (See metasploit for associated exploit, '''msf >
info linux/samba/lsa_transnames_heap'''). Supposedly, there is no way to disable the samba server.
* "Default admin:admin user" - This is the default on most routers, I beg and plead with vendors to allow the user to set the initial password, but it falls on deaf ears.