DEF CON 22 I Hunt TR 069 Admins Pwning ISPs Like a Boss

Christopher Chance cchance at newtechgrp.com
Fri Jan 23 14:43:51 EST 2015


Zaid, 

What's the best way to apply this? I did a Git Pull, but it says that it's already updated. Do I need to specify to upgrade to 1.0.3 somehow?

Chris

-----Original Message-----
From: Users [mailto:users-bounces at lists.genieacs.com] On Behalf Of Zaid Abdulla
Sent: Friday, January 16, 2015 5:09 PM
To: users at lists.genieacs.com
Subject: DEF CON 22 I Hunt TR 069 Admins Pwning ISPs Like a Boss

Hello,

I thought you guys might be interested in this TR-069 related talk:
https://www.youtube.com/watch?v=DlID0CH3j4M

In this talk Shahar and his team from Checkpoint Technologies researched a few ACS systems looking for security vulnerabilities. GenieACS was one of the systems they looked into and found a vulnerability. They were kind to inform me before publishing their findings. This is the fix of said vulnerability if anyone is curious:
https://github.com/zaidka/genieacs/commit/03f9a9e6289c18f3a9742d9737552d150294605d

Zaid