Hackers reveal critical vulnerabilities in Huawei routers at Defcon

Status
Not open for further replies.

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
NetworkWorld said:
Security researchers disclosed critical vulnerabilities in routers from Chinese networking and telecommunications equipment manufacturer Huawei at the Defcon hackers conference on Sunday.

The vulnerabilities -- a session hijack, a heap overflow and a stack overflow -- were found in the firmware of Huawei AR18 and AR29 series routers and could be exploited to take control of the devices over the Internet, said Felix Lindner, the head of security firm Recurity Labs and one of the two researchers who found the flaws.

Huawei is one of the fastest growing providers of networking and telecommunication equipment in the world. Huawei equipment powers half of the world's Internet infrastructure, Lindner said.

The researcher, who also analyzed the security of Cisco networking equipment in the past, described the security of the Huawei devices he analyzed as "the worst ever" and said that they're bound to contain more vulnerabilities.

During the Defcon talk, which Lindner gave together with Recurity Labs security consultant Gregor Kopf, the researchers pointed out that there are over 10,000 calls in the firmware's code to sprintf, a function that's known to be insecure.


Read more on NetworkWorld
 
D

Deleted member 178

- Paranoid Mode : On -

Who knows if it is "accidental" or "with purposes" ... :dodgy:
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top