Did you hear the one about Cisco routers using strcpy insecurely for login authentication? Makes you go AAAAA-AAAAAAAA segfault

Posted on 2019-03-01 by pappp

Article note: Again? It's a classic "strcopy into a buffer fixed-bytes away from the return address" bug.

RV110W, RV130W, RV215W need patching to close remote hijacking bug

Cisco has patched three of its RV-series routers after Pen Test Partners (PTP) found them using hoary old C function strcpy insecurely in login authentication function. The programming blunder can be exploited to potentially hijack the devices.…

This entry was posted in News. Bookmark the permalink.

Leave a Reply Cancel reply

Search for:
Web Presence
- Lemmy
- last.fm
- Linkedin
Page Navigation
- About Me
- Schedule
- News
Meta
April 2024

S M T W T F S

1 2 3 4 5 6

7 8 9 10 11 12 13

14 15 16 17 18 19 20

21 22 23 24 25 26 27

28 29 30

« Mar
Recent Posts
Random Quote

Software is like sex: It’s better when it’s free.

— Linus Torvalds
Categories
- Announcements
- Computers
- DIY
- Electronics
- Entertainment
- FoodBlogging
- General
- Literature
- Meta
- Music
- Navel Gazing
- News
- Objects
- OldBlog
- School
License

Unless otherwise noted, this work is licensed under a Creative Commons Attribution-ShareAlike 3.0 United States License.

Did you hear the one about Cisco routers using strcpy insecurely for login authentication? Makes you go AAAAA-AAAAAAAA *segfault*

RV110W, RV130W, RV215W need patching to close remote hijacking bug

Leave a Reply Cancel reply

Web Presence

Page Navigation

Meta

Recent Posts

Random Quote

Categories

License

Did you hear the one about Cisco routers using strcpy insecurely for login authentication? Makes you go AAAAA-AAAAAAAA segfault