Linksys vulnerability puts home users at risk

An easily exploitable software vulnerability in a common home networking router by Linksys Group Inc. could expose thousands of home users to denial of service attacks, according to a security advisory issued by iDefense Inc., a software security company.

Linksys, based in Irvine, California, could not immediately be reached for comment.

Linksys is one of a number of companies that sell low-priced network gear to SOHO (small office/home office) customers. The product, the Linksys BEFSR41 EtherFast Cable/DSL router, is a low-cost router that allows two or more computers to share an ethernet or broadband Internet connection.

A security hole in some versions of the software -- called "firmware" -- used by the router could allow a remote user to crash the device, interrupting Internet service for any computers attached to it, according to iDefense.

To cause a crash, an attacker only needs to enter the URL (uniform resource locator) for a CGI (Common Gateway Interface) script used to configure and manage the router without providing any "arguments" (input for the script to process), according to iDefense.

News source: IDG - Linksys vulnerability puts home users at risk

Report a problem with article
Next Article

CloneCD 4.1.0.1 Released

Previous Article

Mailwasher 2.0.13 Beta