[NEWS] D-Link DWL-2100ap Information Disclosure
- From: SecuriTeam <support@xxxxxxxxxxxxxx>
- Date: 11 Jun 2006 14:15:02 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
D-Link DWL-2100ap Information Disclosure
D-Link AirPlus Xtreme G(TM) series of high-speed devices are now capable of
delivering transfer rates up to 15x faster than the standard 802.11b with
the new D-Link 108G.
Improper authentication validation allows attackers to retrieve
information from a D-Link Wireless Access-Point DWL-2100ap.
Normally, an HTTP request to the /cgi-bin/ directory makes the Web server
return error 404 (Page not found).
An HTTP request to the /cgi-bin/AnyFile.htm file also returns error 404
(Page not found).
However, an HTTP request to any file in the /cgi-bin/ directory with the
.cfg extension returns the entire device configuration.
# Copyright (c) 2002 Atheros Communications, Inc., All Rights Reserved
# DO NOT EDIT -- This configuration file is automatically generated
wlan1 passphrase AnewBadPassPhrase
# Several lines removed.
The D-Link DWL-2100ap Access Point does not allow users to disable the Web
server, nor does it offer an option to filter open ports.
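Because the Web server cannot be switched off on the device, requests for /cgi-bin/*.cfg are worth watching for from the network side. The following is an added detection example, not part of the original advisory: it assumes an upstream proxy or HTTP sensor that writes Common Log Format lines, and the function name and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Common Log Format request line (assumed log source: a proxy or HTTP sensor
# in front of the access point; the advisory does not describe device logs).
CLF = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)
# Any file directly under /cgi-bin/ whose name ends in .cfg, per the advisory.
CFG_PATH = re.compile(r'^/cgi-bin/[^/]*\.cfg$', re.IGNORECASE)


def find_cfg_disclosures(lines):
    """Return one dict per request for /cgi-bin/*.cfg; 'leaked' is True on HTTP 200."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # skip lines that are not parseable request records
        # Drop the query string, then percent-decode so "%2Ecfg" is still caught.
        path = unquote(urlsplit(m["target"]).path)
        if not CFG_PATH.match(path):
            continue
        hits.append({
            "src": m["src"],
            "time": m["ts"],
            "path": path,
            "status": int(m["status"]),
            "leaked": m["status"] == "200",  # configuration was actually served
        })
    return hits


# Constructed sample log lines (hypothetical, not taken from the advisory).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Jun/2006:09:00:01 +0000] "GET /cgi-bin/ HTTP/1.0" 404 0',
    '192.0.2.10 - - [10/Jun/2006:09:00:02 +0000] "GET /cgi-bin/AnyFile.htm HTTP/1.0" 404 0',
    '192.0.2.10 - - [10/Jun/2006:09:00:03 +0000] "GET /cgi-bin/AnyFile.cfg HTTP/1.0" 200 4312',
    '198.51.100.7 - - [10/Jun/2006:09:05:00 +0000] "GET /cgi-bin/x%2ECFG?y=1 HTTP/1.1" 200 4312',
    '198.51.100.7 - - [10/Jun/2006:09:06:00 +0000] "GET /cgi-bin/AnyFile.cfg HTTP/1.1" 404 0',
    'truncated or malformed line',
]

if __name__ == "__main__":
    for hit in find_cfg_disclosures(SAMPLE_LOG):
        verdict = "CONFIG SERVED" if hit["leaked"] else "probe, not served"
        print(f'{hit["time"]} {hit["src"]} {hit["path"]} -> {hit["status"]} ({verdict})')
```

Any hit marked as served means the wireless passphrase and the rest of the configuration should be treated as exposed and rotated after the firmware is upgraded.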
Upgrade the firmware of D-Link DWL-2100ap Access Point:
11/02/2006 - Vulnerability discovered during a Pen-Test.
15/02/2006 - D-Link World Wide Team Contacted.
17/02/2006 - No response.
18/02/2006 - D-Link World Wide Team re-contacted.
24/02/2006 - No response.
25/02/2006 - D-Link World Wide Team last try of contact.
29/02/2006 - No response.
29/02/2006 - D-Link Brazil Team Contacted.
02/03/2006 - No response.
03/03/2006 - D-Link Brazil Team re-contacted.
06/03/2006 - D-Link Brazil Team responded.
09/03/2006 - Patch created.
14/03/2006 - Patch added to D-Link Brazil download site.
06/06/2006 - Advisory published.
The information has been provided by INTRUDERS TIGER TEAM
<news@xxxxxxxxxxxxxxxxxxxxxxxxx>.
The original article can be found at: