Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs  Black Box Testing  Vulnerability Assessment  Vulnerability Scanner SecuriTeam™ in Your Inbox   E-mail this article to a friend New vulnerability? New tool? Tell us	D-Link DSL-G604T Wireless Router Directory Traversal 7 May 2006    Summary "DSL-G604T, a Wireless ADSL router modem combining both an ADSL modem and 802.11g wireless router in one unit, bringing high-speed wireless Internet connection to a home or office." Improper parameter validation causes a directory traversal situation with D-Link DSL-G604T Wireless Routers.   Credit: The information has been provided by Qex.    Details Protect your website! Use an External Vulnerability Scanner! Nothing to install. First report in 1 hour! www.beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * D-Link firmware version V1.00B02T02.EU.20040618 D-Link DSL-G604T Wireless Router does not properly validate and check the user input. Attackers can cause a directory traversal by using the parameter getpage that is used with /cgi-bin/webcm . Proof of Concept: http://192.168.1.1/cgi-bin/webcm?getpage=/etc/passwd  Comments:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews  Related Articles VMware Emulation Flaw x64 Guest Privilege Escalation Juniper Netscreen Firewall Cross-Site-Scripting (XSS) Event Log Injection Google Docs (HTML code) Multiple Cross Site Scripting Vulnerabilities ABB PCU400 Buffer Overflow MPlayer Real Demuxer Heap Overflow Aruba Mobility Controller Shared Default Certificate Opera Browser Vulnerable To UTF-8 Whitespace Characters Pro2col StingRay FTS Login Username Cross Site Scripting D-Link DIR-100 Long URL Filter Evasion Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA Marvell Driver EAPoL-Key Length Overflow Marvell Driver Null SSID Association Request Vulnerability Atheros Vendor Specific Information Element Overflow Cisco Secure ACS Denial Of Service Vulnerability 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point Malformed HTTP POST DoS  Featured Articles VMware Emulation Flaw x64 Guest Privilege Escalation WordPress MU wpmu-Blogs.php Crose Site Scrpting Vulnerability Google Docs (HTML code) Multiple Cross Site Scripting Vulnerabilities ABB PCU400 Buffer Overflow InstallShield Update Agent "Rule Script" Code Execution Vulnerability Cross-Site Scripting Filter Evasion in Various Frameworks / Applications Microsoft Windows WRITE_ANDX SMB Command Handling Kernel DoS
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs

Copyright © 1998-2008 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®