Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Misfortune Cookie  (Read 1672 times)

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33035
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Misfortune Cookie
« on: December 19, 2014, 09:04:03 PM »

Someone passed me on this link today, which is worth a mention as the news seems to be quite full of it today.

Quote
Infosec biz Check Point claims it has discovered a critical software vulnerability that allows hackers to hijack home and small business broadband routers across the web.

The commandeered boxes could be used to launch attacks on PCs and gadgets within their local networks.

More than 12 million low-end SOHO routers worldwide are affected by the bug, dubbed Misfortune Cookie, we're told. At least 200 different models of devices from various manufacturers and brands are vulnerable, it's claimed, including kit from D-Link, Edimax, Huawei, TP-Link, ZTE, and ZyXEL.

http://www.theregister.co.uk/2014/12/18/misfortune_cookie/

Ive tried having a quick search around to see what is affected and it would appear that this bug was supposedly introduced in 2002 and the fix made available in 2005.  However there may be many modem routers which are still vulnerable.

Theres a list here of suspected vulnerable routers
http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf

From what I can see, it mostly seems to affect older models.



Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

tickmike

  • Kitizen
  • ****
  • Posts: 3570
  • Yes Another Penguin !. :)
Re: Misfortune Cookie
« Reply #1 on: December 19, 2014, 09:45:50 PM »

From there list 'EchoLife Home Gateway Huawei'         :o
Logged
I have a set of 6 fixed IP's From  Eclipse Business isp.BT ADSL2(G992.3)line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) Trunk Networks Business isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN  .

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33035
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Misfortune Cookie
« Reply #2 on: December 19, 2014, 10:01:41 PM »

Im not certain, but based on the other listings I took that to be the EchoLife Home Gateway HG520s -  ie as was used by Talktalk.   
There's also a couple of other old TT routers listed such as the SmartAX range
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker
 

anything