PDA

View Full Version : FYI: Severe UPnP Flaw Allows Router Hijacking


Positive Friction
2008-02-05, 03:33 AM
Just a headsup for everyone as I know I missed this news last month.

http://www.informationweek.com/news/showArticle.jhtml?articleID=205800419

"A vulnerability in networking devices that support UPnP (Universal Plug and Play) can be exploited through a malicious SWF (Flash) file on a Web site, US-CERT warned Monday.

Visiting such a Web site may allow an attacker to reconfigure or take over devices connected to the victim's system that support UPnP. This includes routers, cameras, printers, mobile phones, and digital entertainment systems...Successfully executing the attack allows the attacker to take over the affected router, allowing him or her to bypass firewalls, access Web router administration pages, attack Internet hosts through the router, and alter networking settings."

Five
2008-02-06, 04:39 PM
after looking over here
http://www.gnucitizen.org/blog/flash-upnp-attack-faq

it seems that not even one person has been hit with this yet.

seems it might be a good idea to block flash and just enable it when you're using a flash-based site like youtube (also speeds up surfing). you can use flashblock extension for ff or in opera go to tools>quick preferences> and uncheck enable plugins. if you're using ie I'm not certain how to block flash (you're probably beyond help anyways in that case--just kidding! ;) ).

if you're feeling clever you can disable UPnP and do things the old fashioned way.

seems that if this becomes any kind of a problem (i.e. one or more ppl affected by it) they will patch the security hole in the next release of flash, so its always good to stay updated.