[IGPP Everyone] Misfortune cookie vulnerability
Todd King
tking at igpp.ucla.edu
Fri Dec 19 10:35:41 PST 2014
Hi all -
Keeping your personal information sometimes means eliminating
vulnerabilities.
Here's an article describing the "Misfortune Cookie" vulnerability that
may exist in your home (DSL) gateway device.
http://arstechnica.com/security/2014/12/12-million-home-and-business-routers-vulnerable-to-critical-hijacking-hack/
It affects gatewway devices manufactured by Linksys, D-Link, Edimax,
Huawei, TP-Link, ZTE, and ZyXEL.
A white paper can be found at:
http://mis.fortunecook.ie/misfortune-cookie-tr069-protection-whitepaper.pdf
with protection and mitigation details at the end of the paper.
Some of these steps are probably beyond what most of us can do. If you
have any concerns you may want to contact your Internet Service Provider
and ask if the version of the gateway device or the network
configuration protects against the "Misfountune Cookie" vulnerability.
-Todd-
More information about the Everyone
mailing list