RU EN
Добро пожаловать на SKY-FRAUD.RU, после регистрации , вам будут доступны все разделы форума.
Вернуться   SKY-FRAUD.RU > Основное общение > Mass media about us > D-Link Patches Recently Disclosed Router Vulnerabilities
 
Adv. info:
Важная информация
Основные домены форума: SKY-FRAUD.RU | S-FRAUD.RU

TOR: bcbm4y7yusdxthg3.onion

XMPP.NAME - Официальный Jabber сервер для участников SKY-FRAUD.RU
Mass media about us News from the world about us.

Advert 1
UAS Section 2
Advert 3
Ответ
 
Опции темы Опции просмотра
Старый 22.09.2017, 20:45   #1
radikal
Модератор
 
Аватар для radikal
 
radikal вне форума
Регистрация: 08.02.2014
Сообщений: 4,422
По умолчанию D-Link Patches Recently Disclosed Router Vulnerabilities

D-Link has released firmware updates for its DIR-850L router to address a majority of the vulnerabilities disclosed recently by a security researcher.

Earlier this month, researcher Pierre Kim disclosed the details of several flaws affecting D-Link DIR-850L routers and the company’s mydlink cloud services. The expert decided to make his findings public without giving D-Link time to release fixes due to the way the vendor had previously handled patching and coordination.

D-Link has now released updates for both revision A and B of the firmware for DIR-850L devices. The company has provided detailed instructions for updating the firmware, which it says is a two-step process.D-Link patches DIR-850L vulnerabilities

The vulnerabilities found by Kim include the lack of firmware protections, cross-site scripting (XSS), denial-of-service (DOS), and weaknesses that can be exploited to execute arbitrary commands.

The researcher also discovered that flaws in the mydlink cloud service, which allows users to access their D-Link devices from anywhere over the Internet, can be exploited by a remote and unauthenticated attacker to take complete control of a router.

Kim has analyzed the firmware updates and determined that a majority of the flaws he identified have been patched. The researcher said only a DoS issue does not appear to have been addressed properly, and he did not check some weak cloud protocol problems due to the process taking too much time.

A total of 18 CVE identifiers have been assigned by MITRE to the vulnerabilities in DIR-850L routers.

“I'm happily surprised by the results of dropping 0days without coordinated disclosure when it is about D-Link products,” Kim said. “Should this be the only method with D-Link to get working security patches in a timely manner? Hopefully one day a coordinated disclosure could work in the same way.”

Kim noted that he has identified another pre-authentication exploit that still works in revision B of the firmware.

D-Link also announced this week that a federal judge has dismissed three of the six counts in a complaint filed in January by the U.S. Federal Trade Commission (FTC) against the company over its alleged failure to implement proper security measures and making deceptive claims about the security of its products.
__________________
[Для просмотра данной ссылки нужно зарегистрироваться]
[Для просмотра данной ссылки нужно зарегистрироваться]
[Для просмотра данной ссылки нужно зарегистрироваться]
 
Ответить с цитированием

Advertising \ Реклама
2FORCE.SU - THE BIGGEST CVV SHOP ON THE UNDERGROUND MARKET

HQ DUMPS by Donald Trump
Ссылки для доступа к сервису: TRUMP-DMPS.RU


Sell RDP/Продажа дедиков/RDP SHOP #1
Ссылки для доступа к сервису: UAS-SERVICE.RU \ UAS-SERVICE.SU


HQ DUMPS by Donal Trump
Ссылки для доступа к сервису: TRUMP-DMPS.RU


Sell RDP/Продажа дедиков/RDP SHOP #1
Ссылки для доступа к сервису: UAS-SERVICE.RU \ UAS-SERVICE.SU


HQ DUMPS by Donal Trump
Ссылки для доступа к сервису: TRUMP-DMPS.RU



Ответ
Здесь присутствуют: 1 (пользователей: 0 , гостей: 1)
 
Опции темы
Опции просмотра
Ваши права в разделе
Вы не можете создавать новые темы
Вы не можете отвечать в темах
Вы не можете прикреплять вложения
Вы не можете редактировать свои сообщения

BB коды Вкл.
Смайлы Вкл.
[IMG] код Вкл.
HTML код Выкл.

Быстрый переход

Похожие темы
Тема Автор Раздел Ответов Последнее сообщение
Unpatched D-Link Router Vulnerabilities Disclosed radikal Mass media about us 0 09.09.2017 13:55
Serious Vulnerabilities Disclosed in Modems Used by AT&T's U-verse Service radikal Mass media about us 0 04.09.2017 22:23
Microsoft Patches Edge Flaws Disclosed at Pwn2Own radikal Mass media about us 0 11.05.2017 22:37
Microsoft Patches Many Exploited, Disclosed Flaws radikal Mass media about us 0 16.03.2017 13:03
Vulnerabilities, Backdoors Found in D-Link Mobile Hotspot radikal Mass media about us 0 30.09.2016 01:02