D-Link update closes voyeur's ASCII peephole
Can you tell what it is yet? Core Security snapped this picture of their coffee pot via the streaming hole.
Source: Core Security
Network equipment supplier D-Link has released firmware security updates for five routers and eight IP cameras. Whilst the router vulnerabilities are strongly reminiscent of vulnerabilities previously fixed in other models, the camera vulnerabilities conceal a nasty surprise – unauthorised viewers can intercept the camera stream as either a video stream or ASCII output.
The IP camera vulnerabilities were discovered by Core Security. According to Core Security's advisory, there are several different methods whereby an unauthenticated attacker can access the camera stream as either an HTTP or RTSP stream or even as an ASCII animation. The latter is the result of the camera's willingness to output the image luminance via the lums.cgi script. It is also possible to inject commands via the camera's web interface and there's also the presence of hard-coded access credentials in the firmware effectively creating a backdoor.
Core Security reports that it informed D-Link of the security issues in mid-March. According to D-Link, the newly released update addresses all of the vulnerabilities listed in the advisory in all models sold or previously sold in the UK. Specifically, the following models:
- DCS-1130
- DCS-2121
- DCS-2121 (FR)
- DCS-2121 (Tesco)
- DCS-3411
- DCS-3430
- DCS-5605
- DCS-7510
There are also firmware security updates for the following routers:
- DIR-815 (hardware revision A)
- DIR-845L (hardware revision A)
- DIR-865L (hardware revision A)
- DSL-320B (hardware revision D2)
- DSL-321B (hardware revision D2)
(djwm)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
