Wed Apr 24 18:55:43 2024
EVENTS
 FREE
SOFTWARE
INSTITUTE
 POLITICS
 JOBS
 MEMBERS'
CORNER
 MAILING
LIST
NYLXS Mailing Lists and Archives
NYLXS Members have a lot to say and share but we don't keep many secrets. Join the Hangout Mailing List and say your peice.

DATE 2019-06-01

HANGOUT

2024-04-24 | 2024-03-24 | 2024-02-24 | 2024-01-24 | 2023-12-24 | 2023-11-24 | 2023-10-24 | 2023-09-24 | 2023-08-24 | 2023-07-24 | 2023-06-24 | 2023-05-24 | 2023-04-24 | 2023-03-24 | 2023-02-24 | 2023-01-24 | 2022-12-24 | 2022-11-24 | 2022-10-24 | 2022-09-24 | 2022-08-24 | 2022-07-24 | 2022-06-24 | 2022-05-24 | 2022-04-24 | 2022-03-24 | 2022-02-24 | 2022-01-24 | 2021-12-24 | 2021-11-24 | 2021-10-24 | 2021-09-24 | 2021-08-24 | 2021-07-24 | 2021-06-24 | 2021-05-24 | 2021-04-24 | 2021-03-24 | 2021-02-24 | 2021-01-24 | 2020-12-24 | 2020-11-24 | 2020-10-24 | 2020-09-24 | 2020-08-24 | 2020-07-24 | 2020-06-24 | 2020-05-24 | 2020-04-24 | 2020-03-24 | 2020-02-24 | 2020-01-24 | 2019-12-24 | 2019-11-24 | 2019-10-24 | 2019-09-24 | 2019-08-24 | 2019-07-24 | 2019-06-24 | 2019-05-24 | 2019-04-24 | 2019-03-24 | 2019-02-24 | 2019-01-24 | 2018-12-24 | 2018-11-24 | 2018-10-24 | 2018-09-24 | 2018-08-24 | 2018-07-24 | 2018-06-24 | 2018-05-24 | 2018-04-24 | 2018-03-24 | 2018-02-24 | 2018-01-24 | 2017-12-24 | 2017-11-24 | 2017-10-24 | 2017-09-24 | 2017-08-24 | 2017-07-24 | 2017-06-24 | 2017-05-24 | 2017-04-24 | 2017-03-24 | 2017-02-24 | 2017-01-24 | 2016-12-24 | 2016-11-24 | 2016-10-24 | 2016-09-24 | 2016-08-24 | 2016-07-24 | 2016-06-24 | 2016-05-24 | 2016-04-24 | 2016-03-24 | 2016-02-24 | 2016-01-24 | 2015-12-24 | 2015-11-24 | 2015-10-24 | 2015-09-24 | 2015-08-24 | 2015-07-24 | 2015-06-24 | 2015-05-24 | 2015-04-24 | 2015-03-24 | 2015-02-24 | 2015-01-24 | 2014-12-24 | 2014-11-24 | 2014-10-24 | 2014-09-24 | 2014-08-24 | 2014-07-24 | 2014-06-24 | 2014-05-24 | 2014-04-24 | 2014-03-24 | 2014-02-24 | 2014-01-24 | 2013-12-24 | 2013-11-24 | 2013-10-24 | 2013-09-24 | 2013-08-24 | 2013-07-24 | 2013-06-24 | 2013-05-24 | 2013-04-24 | 2013-03-24 | 2013-02-24 | 2013-01-24 | 2012-12-24 | 2012-11-24 | 2012-10-24 | 2012-09-24 | 2012-08-24 | 2012-07-24 | 2012-06-24 | 2012-05-24 | 2012-04-24 | 2012-03-24 | 2012-02-24 | 2012-01-24 | 2011-12-24 | 2011-11-24 | 2011-10-24 | 2011-09-24 | 2011-08-24 | 2011-07-24 | 2011-06-24 | 2011-05-24 | 2011-04-24 | 2011-03-24 | 2011-02-24 | 2011-01-24 | 2010-12-24 | 2010-11-24 | 2010-10-24 | 2010-09-24 | 2010-08-24 | 2010-07-24 | 2010-06-24 | 2010-05-24 | 2010-04-24 | 2010-03-24 | 2010-02-24 | 2010-01-24 | 2009-12-24 | 2009-11-24 | 2009-10-24 | 2009-09-24 | 2009-08-24 | 2009-07-24 | 2009-06-24 | 2009-05-24 | 2009-04-24 | 2009-03-24 | 2009-02-24 | 2009-01-24 | 2008-12-24 | 2008-11-24 | 2008-10-24 | 2008-09-24 | 2008-08-24 | 2008-07-24 | 2008-06-24 | 2008-05-24 | 2008-04-24 | 2008-03-24 | 2008-02-24 | 2008-01-24 | 2007-12-24 | 2007-11-24 | 2007-10-24 | 2007-09-24 | 2007-08-24 | 2007-07-24 | 2007-06-24 | 2007-05-24 | 2007-04-24 | 2007-03-24 | 2007-02-24 | 2007-01-24 | 2006-12-24 | 2006-11-24 | 2006-10-24 | 2006-09-24 | 2006-08-24 | 2006-07-24 | 2006-06-24 | 2006-05-24 | 2006-04-24 | 2006-03-24 | 2006-02-24 | 2006-01-24 | 2005-12-24 | 2005-11-24 | 2005-10-24 | 2005-09-24 | 2005-08-24 | 2005-07-24 | 2005-06-24 | 2005-05-24 | 2005-04-24 | 2005-03-24 | 2005-02-24 | 2005-01-24 | 2004-12-24 | 2004-11-24 | 2004-10-24 | 2004-09-24 | 2004-08-24 | 2004-07-24 | 2004-06-24 | 2004-05-24 | 2004-04-24 | 2004-03-24 | 2004-02-24 | 2004-01-24 | 2003-12-24 | 2003-11-24 | 2003-10-24 | 2003-09-24 | 2003-08-24 | 2003-07-24 | 2003-06-24 | 2003-05-24 | 2003-04-24 | 2003-03-24 | 2003-02-24 | 2003-01-24 | 2002-12-24 | 2002-11-24 | 2002-10-24 | 2002-09-24 | 2002-08-24 | 2002-07-24 | 2002-06-24 | 2002-05-24 | 2002-04-24 | 2002-03-24 | 2002-02-24 | 2002-01-24 | 2001-12-24 | 2001-11-24 | 2001-10-24 | 2001-09-24 | 2001-08-24 | 2001-07-24 | 2001-06-24 | 2001-05-24 | 2001-04-24 | 2001-03-24 | 2001-02-24 | 2001-01-24 | 2000-12-24 | 2000-11-24 | 2000-10-24 | 2000-09-24 | 2000-08-24 | 2000-07-24 | 2000-06-24 | 2000-05-24 | 2000-04-24 | 2000-03-24 | 2000-02-24 | 2000-01-24 | 1999-12-24

Key: Value:

Key: Value:

MESSAGE
DATE 2019-06-22
FROM Ruben Safir
SUBJECT Subject: [Hangout - NYLXS] On Linksys WAG54G2 1.00.10 devices
https://nvd.nist.gov/vuln/detail/CVE-2009-5157

Current Description

On Linksys WAG54G2 1.00.10 devices, there is authenticated command
injection via shell metacharacters in the setup.cgi c4_ping_ipaddr variable.

Source: MITRE
Hide Analysis Description
Analysis Description

On Linksys WAG54G2 1.00.10 devices, there is authenticated command
injection via shell metacharacters in the setup.cgi c4_ping_ipaddr variable.

Source: MITRE
Impact
CVSS v3.0 Severity and Metrics:

Base Score: 8.8 HIGH
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (V3 legend)
Impact Score: 5.9
Exploitability Score: 2.8

Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2.0 Severity and Metrics:

Base Score: 9.0 HIGH
Vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C) (V2 legend)
Impact Subscore: 10.0
Exploitability Subscore: 8.0

Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (AU): Single
Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Additional Information:
Allows unauthorized disclosure of information
Allows unauthorized modification
Allows disruption of service
References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have
provided these links to other web sites because they may have
information that would be of interest to you. No inferences should be
drawn on account of other sites being referenced, or not, from this
page. There may be other web sites that are more appropriate for your
purpose. NIST does not necessarily endorse the views expressed, or
concur with the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on these sites.
Please address comments about this page to nvd-at-nist.gov.
Hyperlink Resource
https://www.securityfocus.com/archive/1/503934 Exploit Third Party
Advisory VDB Entry
https://www.securityfocus.com/bid/35142 Third Party Advisory VDB Entry
Technical Details

Vulnerability Type (View All)

Command Injection (CWE-77)

Known Affected Software Configurations Switch to CPE 2.2
Configuration 1 ( hide )
cpe:2.3:o:linksys:wag54g2_firmware:1.00.10:*:*:*:*:*:*:*
Show Matching CPE(s)
Running on/with
cpe:2.3:h:linksys:wag54g2:-:*:*:*:*:*:*:*
Show Matching CPE(s)


--
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002

http://www.nylxs.com - Leadership Development in Free Software
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
_______________________________________________
Hangout mailing list
Hangout-at-nylxs.com
http://lists.mrbrklyn.com/mailman/listinfo/hangout

  1. 2019-06-03 NCPA eCommunications <ncpa.ecommunications-at-ncpanet.org> Subject: [Hangout - NYLXS] Alabama, Illinois,
  2. 2019-06-02 Gabor Szabo <gabor-at-szabgab.com> Subject: [Hangout - NYLXS] [Perlweekly] #410 - Are you a blogger?
  3. 2019-06-03 From: "PSSNY" <jamie.cullis-at-pssny.org> Subject: [Hangout - NYLXS] Contact your Senator and Assemblymember Today!
  4. 2019-06-03 NYOUG <execdir-at-nyoug.org> Subject: [Hangout - NYLXS] Upcoming Events for Oracle Professionals
  5. 2019-06-02 IEEE Engineering in Medicine and Biology Society <noreply-at-embs.org> Subject: [Hangout - NYLXS] Reminder: EMBS News and Events
  6. 2019-06-03 From: "Free Software Foundation" <info-at-fsf.org> Subject: [Hangout - NYLXS] Free Software Supporter Issue 134, June 2019
  7. 2019-06-04 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Data and Privacu wars with facebook
  8. 2019-06-05 Ruben Safir <ruben.safir-at-my.liu.edu> Subject: [Hangout - NYLXS] Fwd: Fireside Chat: President and CEO of the New
  9. 2019-06-05 From: "American Museum of Natural History" <fieldtrips-at-amnh.org> Subject: [Hangout - NYLXS] Earn 45 hours of CTLE credit this summer at the
  10. 2019-06-05 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Pharmacy Finances
  11. 2019-06-11 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Its a jungle out there
  12. 2019-06-10 Gabor Szabo <gabor-at-szabgab.com> Subject: [Hangout - NYLXS] [Perlweekly] #411 - Perl 5.30 was released
  13. 2019-06-11 From: "Virtual Jerusalem" <vjhighlights-at-members.virtualjerusalem.com> Subject: [Hangout - NYLXS] The Situation In Israel is Urgent!
  14. 2019-06-11 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Fwd: Tomorrow: Join us at "Red Hat Enterprise
  15. 2019-06-12 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] 1984 again
  16. 2019-06-12 Ruben Safir <mrbrklyn-at-panix.com> Subject: [Hangout - NYLXS] Fwd: [users-at-httpd] ApacheCon North America 2019
  17. 2019-06-12 From: "Mancini, Sabin (DFS)" <Sabin.Mancini-at-dfs.ny.gov> Re: [Hangout - NYLXS] Fwd: Tomorrow: Join us at "Red Hat
  18. 2019-06-12 Ruben Safir <ruben-at-mrbrklyn.com> Re: [Hangout - NYLXS] Fwd: Tomorrow: Join us at "Red Hat Enterprise
  19. 2019-06-11 IEEE Spectrum <deliver-at-ieee.org> Subject: [Hangout - NYLXS] The Institute Alert
  20. 2019-06-12 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] facial recongition
  21. 2019-06-13 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Fwd: [dinosaur] Full scholarships available for
  22. 2019-06-14 From: "Mancini, Sabin (DFS)" <Sabin.Mancini-at-dfs.ny.gov> Re: [Hangout - NYLXS] went to the Red Hat Linux presentation at
  23. 2019-06-16 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Internet destruction to Nationalism and Despots
  24. 2019-06-14 From: "APhA - American Pharmacists Association" <infocenter-at-aphanet.org> Subject: [Hangout - NYLXS] Information from Industry: Thinking GLP-1
  25. 2019-06-15 James E Keenan <jkeenan-at-pobox.com> Subject: [Hangout - NYLXS] ny.pm: July 1 social meeting
  26. 2019-06-16 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Anti-semitism on Artix
  27. 2019-06-13 From: "American Museum of Natural History" <learn-at-amnh.org> Subject: [Hangout - NYLXS] Register for an Online Science Course for
  28. 2019-06-16 Gabor Szabo <gabor-at-szabgab.com> Subject: [Hangout - NYLXS] [Perlweekly] #412 - The Perl Conference in
  29. 2019-06-20 From: =?utf-8?Q?Zo=C3=AB_Kooyman=2C_FSF?= <info-at-fsf.org> Subject: [Hangout - NYLXS] Double the movement: Inspire someone to explore
  30. 2019-06-22 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] On Linksys WAG54G2 1.00.10 devices
  31. 2019-06-24 Gabor Szabo <gabor-at-szabgab.com> Subject: [Hangout - NYLXS] [Perlweekly] #413 - 2 events done, 2 to go
  32. 2019-06-24 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Attacking Jews is now OK in NYC
  33. 2019-06-26 From: "American Museum of Natural History" <publicprograms-at-amnh.org> Subject: [Hangout - NYLXS] 2019 Tony Award-Winning Director Rachel Chavkin
  34. 2019-06-30 Gabor Szabo <gabor-at-szabgab.com> Subject: [Hangout - NYLXS] [Perlweekly] #414 - Do you want to learn Test

NYLXS are Do'ers and the first step of Doing is Joining! Join NYLXS and make a difference in your community today!