Thread-topic: FYI: Cisco Routers Vulnerable to Drive-by Pharming Attacks
An amusing attack...
> -- Cisco Routers Vulnerable to Drive-by Pharming Attacks
> (22 February 2007)
> Cisco has posted a Security Response on its web site warning that
> 77 of its routers are vulnerable to what has been dubbed a drive-by
> pharming attack. Users are urged to change the default user names and
> passwords on their routers. Cisco's posting describes which routers
> are vulnerable to the attack. The flaw affects largely home and
> small business users, as enterprise-level routers generally require
> the default user names and passwords to be changed during setup.
> The attack could be exploited to alter the router's DNS settings,
> directing the users to phony web sites that could potentially be
> exploited by phishers.
> http://www.itnews.com.au/newsstory.aspx?CIaNID=46244
> http://www.cisco.com/warp/public/707/cisco-sr-20070215-http.shtml
> [Editor's Note (Pescatore): There is no real "drive-by" required for
> this, spyware or web malware can be used to launch the attack. It is
> really just a clever attack taking advantage of cases when a product
> doesn't force default passwords to be changed and when vulnerable
> capabilities are on by default. Even consumer or SOHO grade products
> should have moved away from those conditions long ago.
> (Grefer): This vulnerability is NOT limited
> to Cisco routers, but is rather a widely spread
> issue. http://www.itwire.com.au/content/view/9783/1095/ A reasonably
> comprehensive list of products, user IDs and passwords is located at
> http://www.phenoelit.de/dpl/dpl.html ]
>