NTA Monitor

Latest News

Finance industry faces serious IT security issues

23rd June 2008 The finance industry needs to keep its eye on the small change as well as the bigger picture of its security vulnerabilities Read More

Retail sector faces serious IT security issues

23rd June 2008 The retail sector needs to set out its stall and ring the changes in its security vulnerabilities if it is to avoid the potential for hackers to gain unauthorised system access and disrupt service availability Read More

IT managers have more security headaches to deal with

11th May 2008 NTA Monitor's 2008 Annual Security Report has revealed that the average number of vulnerabilities found per test have increased to 21 compared with 19 in 2007 Read More

Solutions not excuses for patch management warns NTA Monitor

23rd April 2008 Patch management is a vital security requirement for any organsation Read More
Date: 30th July 2004
Risk: Medium

Cisco Systems has issued a patch for a security flaw in one of its Linksys routers that could give hackers access to consumers' home networks.

Alan Rateliff II, an independent security consultant, has published details of vulnerabilities in the Linksys WRT54G 802.11g wireless router. The flaw gives attackers a free pass into the Web-based configuration page of the router when the firewall function is turned off.

When originally tested in March, it was discovered that this vulnerability existed on two Linksys routers straight from the store. The default configuration on the products used version 2.02.7 of the firmware, and enabled access to the configuration page via ports 80 and 443.

When new Linksys routers were tested, using both firmware versions 2.02.7 and 2.02.2, the same flaw on routers that use the standard configuration settings was not evident. But when the firewall is turned off on the devices, ports 80 and 443 are still open, allowing the configuration page to be easily accessed.

Allowing easy access to configuration settings on a router is a security risk. Attackers could change settings of the router to launch spam and virus attacks, without the victim ever realising what is going on. Attackers could also gain access to devices attached to the router, such as laptops and PCs. With an open door into the network, attackers could target unprotected individual machines and infect them with worms and viruses.

Broadband users on large national ISPs, such as AOL, could be the most vulnerable, as these tend to be the main scanning grounds for potential attackers.

For the most part, this problem exists only when the firewall function is turned off. Considering that most people concerned about security would keep the firewall turned on, this may not be such a big threat. But caution is being advised, to check and make sure that their settings are correct when users install the Linksys routers.

The Linksys home networking gear is among the most popular on the consumer market. The brand has more than 20 percent market share in the home and small-business Wi-Fi market, according to Synergy Research.

References

http://www.cisco.com http://www.linksys.com