shift or die

yapb — yet another perl blog

[LOGO] alech's blog. Perl, Security, Curiosities, Links, Rants, Photos, yadayada

Navigation

Home | Articles

Tags

  • 2009challenge
  • 202c
  • angerwhale
  • chaosradio
  • darmstadt
  • deutsch
  • dns
  • dpw9
  • english
  • ffm
  • firefox
  • funny
  • gpw9
  • kite
  • md5
  • mifare
  • mrmcd
  • mrmcd111b
  • muenchen
  • music
  • nexenta
  • openbc
  • openxpki
  • osx
  • perl
  • ph-neutral
  • photos
  • rant
  • security
  • snowboarding
  • spaces
  • unicode
  • vbscript
  • vegetarisch
  • virtuedesktops
  • vorratsdatenspeicherung
  • xing

Login

Not logged in. Log in.

Updates on dproxy and Xing

Tags: english openbc security xing [+]

Posted on 2007-4-7 (土) at 1:15 pm

I guess I owe you some updates ... My buffer overflow exploit is published (advisory, Metasploit module), it was about dproxy, a small caching DNS proxy. A few days later, mu-b published an exploit for dproxy-nexgen. His exploit is much worse because dproxy-nexgen is the version that is used in a number of WLAN APs. I've tried the exploit and contacted the vendors who are known to use it (Linksys, Asus, Netgear, AVM) on March 31st. So far, I only got an answer from Linksys (who were the only ones where I could easily find an E-Mail address for security purposes, too) saying that they are investigating the report. If anyone knows any more boxes that use dproxy, please let me know.

My little Xing hack is fixed, too. My guess is that they got tipped of by someone who was pointed to this blog entry ...


Last modified: 2007-4-7 (土) at 1:41 pm

Comments on Updates on dproxy and Xing | no comments | Post a comment

[YAML] [XML]


Page generated by Angerwhale version 0.03 (390 ) on 2010-7-31 (土) at 7:14 pm.

Valid XHTML. Valid CSS. Valid SVG. (If you're seeing this, though, you need a better browser so you can actually see them!)