Ed Hansberry
09-21-2005, 06:00 AM
<a href="http://www.watchguard.com/RSS/showarticle.aspx?pack=RSS.CornerSep15.05">http://www.watchguard.com/RSS/showarticle.aspx?pack=RSS.CornerSep15.05</a><br /><br />There are a few security issues that have cropped up lately that I am sure some of our readers are susceptible to. First, those of you with a wireless LAN using the Linksys WRT54G router, there are <i>five</i> issues. <br /><br /><i>"This week iDEFENSE released five advisories describing flaws in Cisco Systems Inc.'s Linksys WRT54G wireless router. All five vulnerabilities involve the router's Web-based management service. An unauthenticated attacker can exploit these vulnerabilities to prevent you from accessing the router's management service; to configure your router; to modify your router's firmware; or to flat-out gain complete control your router. While these vulnerabilities sound really bad, one catch prevents them from posing a critical threat. An attacker can exploit them only from the router's internal network. Unless you leave your wireless network wide open, these vulnerabilities probably won't bite you. However, if you own this Linksys router, update its firmware as soon as you can.</i>"<br /><br />All five issues are fixed by downloading the newest firmware. Now for software you might have on your Pocket PC. There are three apps, vxTFTPSrv, vxFTPSrv and vxWeb, that have issues you should be aware of. There is no fix so here your best defense is to know the issues and be on the look out for them.