Bugtraq mailing list archives

Re: NETGEAR DG834G SPECIAL FEATURES

From: Dave Paris <dparis () w3works com>
Date: Fri, 13 Aug 2004 13:11:04 -0400

The Zebra issue is simply a default password/default configurationissue. The documentation _clearly_ states that is should be changed andthan an 'enable password' be applied. In neither case does this allowany "exploit" to take place, as you're restricted to the Zebra processand not the OS.

It's no more of an exploit than Oracle's system/manager,sys/change_on_install, or scott/tiger username/password combinationsthat are installed by default.


Kind Regards,
-dsp

thanasonic () hack gr wrote:

In-Reply-To: <005e01c48141$4e82f880$0701a8c0@COOKIE>

Sorry for not mentioning that.Thats why the subject is called "SPECIAL FEATURE" and not a bug.
By the way, the second issue about zebra its true and as i informed about it ,it can be exploited localy or remotely.

Thanks for your reply,
Thanasonic

Current thread:

NETGEAR DG834G SPECIAL FEATURES thanasonic (Aug 12)
- Re: NETGEAR DG834G SPECIAL FEATURES Uday Moorjani (Aug 13)
- <Possible follow-ups>
- RE: NETGEAR DG834G SPECIAL FEATURES Andre Lorbach (Aug 13)
- Re: NETGEAR DG834G SPECIAL FEATURES thanasonic (Aug 13)
  - Re: NETGEAR DG834G SPECIAL FEATURES Dave Paris (Aug 13)
- Re: NETGEAR DG834G SPECIAL FEATURES Paul James (Aug 25)
  - Re: NETGEAR DG834G SPECIAL FEATURES Rodrigo Barbosa (Aug 27)
    - RE: NETGEAR DG834G SPECIAL FEATURES prj (Aug 26)
  - Re: NETGEAR DG834G SPECIAL FEATURES Luca Berra (Aug 31)