Ars breaks Misfortune Cookie vulnerability news to public
While the flaw is 12 years old and the fix 9, the article suggests that firmware for consumer routers may yet be being built with the vulnerable webserver code baked in. If you are responsible for lots of eyeballs you might want to look at this. http://arstechnica.com/security/2014/12/12-million-home-and-business-routers... Have a nice Christmas weekend. :-) Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
Glad I'm using a freebsd based routing solution. On Dec 19, 2014 5:54 PM, "Jay Ashworth" <jra@baylink.com> wrote:
While the flaw is 12 years old and the fix 9, the article suggests that firmware for consumer routers may yet be being built with the vulnerable webserver code baked in.
If you are responsible for lots of eyeballs you might want to look at this.
http://arstechnica.com/security/2014/12/12-million-home-and-business-routers...
Have a nice Christmas weekend. :-)
Cheers, -- jra
-- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
* javier@advancedmachines.us (Javier J) [Sat 20 Dec 2014, 00:50 CET]:
Glad I'm using a freebsd based routing solution.
Time to update that one too: https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01 -- Niels.
Haha, yeah I spoke too soon. Happy Holidays. Also has anyone looked at the list of devices / vendors that are using that software? https://www.allegrosoft.com/about-allegro-software#tabs-896-0-4 Did the vendors know their vendor was giving them buggy software? What is the test for this vuln? On Fri, Dec 19, 2014 at 8:01 PM, Niels Bakker <niels=nanog@bakker.net> wrote:
* javier@advancedmachines.us (Javier J) [Sat 20 Dec 2014, 00:50 CET]:
Glad I'm using a freebsd based routing solution.
Time to update that one too: https://ics-cert.us-cert.gov/ advisories/ICSA-14-353-01
-- Niels.
Here’s the thing I don’t get… You have X provider supplying routers with vulnerable firmware that have remote support (TR-069) enabled. Why would Check Point not at least name and shame, instead of trying to market their security? I know the hack is old, but grandma isn’t probably up to date on the latest firmware that should have been upgrade through TR-069. I’m honestly more upset with the reporting than the normal residential cpe didn’t get upgraded. But yeah, Happy Holidays everyone... Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300 F: 610-429-3222
On Dec 19, 2014, at 5:54 PM, Jay Ashworth <jra@baylink.com> wrote:
While the flaw is 12 years old and the fix 9, the article suggests that firmware for consumer routers may yet be being built with the vulnerable webserver code baked in.
If you are responsible for lots of eyeballs you might want to look at this.
http://arstechnica.com/security/2014/12/12-million-home-and-business-routers...
Have a nice Christmas weekend. :-)
Cheers, -- jra
-- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
19:25 <@andrewTO> http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf has a list of potentially vulnerable devices 19:25 <@math> andrewTO@opensrs++ /kc -- Ken Chase - ken@heavycomputing.ca skype:kenchase23 +1 416 897 6284 Toronto Canada Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
On what basis do you assume that there is TR-069 support in these routers? And even if there is, that the service provider manages them via TR-069? Frank -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Eric Tykwinski Sent: Friday, December 19, 2014 6:47 PM To: Jay Ashworth Cc: NANOG Subject: Re: Ars breaks Misfortune Cookie vulnerability news to public Here’s the thing I don’t get… You have X provider supplying routers with vulnerable firmware that have remote support (TR-069) enabled. Why would Check Point not at least name and shame, instead of trying to market their security? I know the hack is old, but grandma isn’t probably up to date on the latest firmware that should have been upgrade through TR-069. I’m honestly more upset with the reporting than the normal residential cpe didn’t get upgraded. But yeah, Happy Holidays everyone... Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300 F: 610-429-3222
On Dec 19, 2014, at 5:54 PM, Jay Ashworth <jra@baylink.com> wrote:
While the flaw is 12 years old and the fix 9, the article suggests that firmware for consumer routers may yet be being built with the vulnerable webserver code baked in.
If you are responsible for lots of eyeballs you might want to look at this.
http://arstechnica.com/security/2014/12/12-million-home-and-business-routers...
Have a nice Christmas weekend. :-)
Cheers, -- jra
-- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
participants (6)
-
Eric Tykwinski
-
Frank Bulk
-
Javier J
-
Jay Ashworth
-
Ken Chase
-
Niels Bakker