Sweex Wireless Broadband Routers have tftp enabled by default with no way to restrict the service, allowing malicious attackers to download configuration files.
f0daacd8c73180fc13cf5589648b63e687c10ac6e2670c069eb61c93a99364d2
TITLE:
Sweex Wireless Broadband Router Exposure of Configuration
SECUNIA ADVISORY ID:
SA11603
VERIFY ADVISORY:
http://secunia.com/advisories/11603/
CRITICAL:
Moderately critical
IMPACT:
Exposure of system information, Exposure of sensitive information
WHERE:
>From local network
OPERATING SYSTEM:
Sweex Wireless Broadband Router/ Acces Point 11g
DESCRIPTION:
Mark Janssen has reported a vulnerability in Sweex Wireless Broadband
Router/Accesspoint, allowing malicious people to gain knowledge of
the configuration.
The problem is that the tftp service is running by default and isn't
restricted in anyway. This allows anyone with access to the network
to download configuration files, including a file containing
usernames and passwords.
Reportedly, the tftp service can't be disabled.
Other Sweex products may also be affected.
SOLUTION:
Do not use the device on networks with untrusted users.
PROVIDED AND/OR DISCOVERED BY:
Mark Janssen
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------