Worked for me in FF. On Thu, Jan 31, 2013 at 4:47 PM, Andrew S. Baker <asbz...@gmail.com> wrote:
> Yes, but so far, it's not cooperating in Chrome or FF... > > > > > > *ASB > **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker>* > **Providing Virtual CIO Services (IT Operations & Information Security) > for the SMB market…*** > > > > > > On Thu, Jan 31, 2013 at 6:35 PM, Kurt Buff <kurt.b...@gmail.com> wrote: > >> That page has the download link on it. >> >> >> On Thu, Jan 31, 2013 at 3:24 PM, Andrew S. Baker <asbz...@gmail.com>wrote: >> >>> Are you actually able to download via that link? >>> >>> >>> >>> >>> >>> *ASB >>> **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker>* >>> **Providing Virtual CIO Services (IT Operations & Information Security) >>> for the SMB market…*** >>> >>> >>> >>> >>> >>> On Thu, Jan 31, 2013 at 4:07 PM, Ziots, Edward <ezi...@lifespan.org>wrote: >>> >>>> >>>> http://www.rapid7.com/resources/free-security-software-downloads/universal-plug-and-play-jan-2013.jsp >>>> **** >>>> >>>> ** ** >>>> >>>> Nice detection utility which will help out the home users. **** >>>> >>>> ** ** >>>> >>>> Z**** >>>> >>>> ** ** >>>> >>>> Edward E. Ziots, CISSP, Security +, Network +**** >>>> >>>> Security Engineer**** >>>> >>>> Lifespan Organization**** >>>> >>>> ezi...@lifespan.org**** >>>> >>>> ** ** >>>> >>>> This electronic message and any attachments may be privileged and >>>> confidential and protected from disclosure. If you are reading this >>>> message, but are not the intended recipient, nor an employee or agent >>>> responsible for delivering this message to the intended recipient, you are >>>> hereby notified that you are strictly prohibited from copying, printing, >>>> forwarding or otherwise disseminating this communication. If you have >>>> received this communication in error, please immediately notify the sender >>>> by replying to the message. Then, delete the message from your computer. >>>> Thank you.**** >>>> >>>> *[image: Description: Description: Lifespan]* >>>> >>>> ** ** >>>> >>>> ** ** >>>> >>>> *From:* Ziots, Edward [mailto:ezi...@lifespan.org] >>>> *Sent:* Thursday, January 31, 2013 1:04 PM >>>> >>>> *To:* NT System Admin Issues >>>> *Subject:* RE: Ouch - UPnP >>>> *Importance:* High**** >>>> >>>> ** ** >>>> >>>> Cross post from Bugtraq, **** >>>> >>>> ** ** >>>> >>>> DefenseCode Security Advisory**** >>>> >>>> http://www.defensecode.com/**** >>>> >>>> ** ** >>>> >>>> ** ** >>>> >>>> Broadcom UPnP Remote Preauth Root Code Execution Vulnerability**** >>>> >>>> ** ** >>>> >>>> ** ** >>>> >>>> Advisory ID: DC-2013-01-003**** >>>> >>>> Advisory Title: Broadcom UPnP Remote Preauth Root Code Execution >>>> Vulnerability Advisory URL: >>>> http://www.defensecode.com/subcategory/advisories-28**** >>>> >>>> Software: Broadcom UPnP software**** >>>> >>>> Vulnerable: Multiple router manufacturers Vendor Status: Vendors >>>> contacted Initial Release Date: 2013-01-15 Release Date Postponed To: >>>> 2013-01-31**** >>>> >>>> Risk: Critical**** >>>> >>>> ** ** >>>> >>>> ** ** >>>> >>>> ** ** >>>> >>>> 1. General Overview**** >>>> >>>> ===================**** >>>> >>>> ** ** >>>> >>>> During the security evaluation of Cisco Linksys routers for a client, >>>> we have discovered a critical security vulnerability that allows remote >>>> unauthenticated attacker to remotely execute arbitrary code under root >>>> privileges.**** >>>> >>>> Upon initial vulnerability announcement a few weeks ago Cisco spokesman >>>> stated that only one router model is vulnerable - WRT54GL.**** >>>> >>>> We have continued with our research and found that, in fact, same >>>> vulnerable firmware component is also used in at least two other Cisco >>>> Linksys models - WRT54G3G and probably WRT310N. Could be others.**** >>>> >>>> ** ** >>>> >>>> Moreover, vulnerability turns out even more dangerous, since we have >>>> discovered that same vulnerable firmware component is also used across many >>>> other big-brand router manufacturers and many smaller vendors.**** >>>> >>>> ** ** >>>> >>>> Vulnerability itself is located in Broadcom UPnP stack, which is used >>>> by many router manufacturers that produce or produced routers based on >>>> Broadcom chipset.**** >>>> >>>> We have contacted them with vulnerability details and we expect patches >>>> soon. However, we would like to point out that we have sent more than 200 >>>> e-mails to various router manufacturers and various people, without much >>>> success.**** >>>> >>>> ** ** >>>> >>>> Some of the manufacturers contacted regarding this vulnerability are >>>> Broadcom, Asus, Cisco, TP-Link, Zyxel, D-Link, Netgear, US Robotics, and so >>>> on.**** >>>> >>>> Routers with vulnerable Broadcom UPnP stack are mostly based on >>>> Broadcom UPnP chipset. You can check how many manufacturers use Broadcom >>>> chipset**** >>>> >>>> here: http://wiki.openwrt.org/toh/start (search for Broadcom, brcm or >>>> bcm).**** >>>> >>>> ** ** >>>> >>>> We don't know exactly how many of them are affected, since we were >>>> unable to contact all of them, but we suspect there are probably tens of >>>> millions vulnerable routers out there.**** >>>> >>>> ** ** >>>> >>>> ** ** >>>> >>>> Edward E. Ziots, CISSP, Security +, Network +**** >>>> >>>> Security Engineer**** >>>> >>>> Lifespan Organization**** >>>> >>>> ezi...@lifespan.org**** >>>> >>>> ** ** >>>> >>>> This electronic message and any attachments may be privileged and >>>> confidential and protected from disclosure. If you are reading this >>>> message, but are not the intended recipient, nor an employee or agent >>>> responsible for delivering this message to the intended recipient, you are >>>> hereby notified that you are strictly prohibited from copying, printing, >>>> forwarding or otherwise disseminating this communication. If you have >>>> received this communication in error, please immediately notify the sender >>>> by replying to the message. Then, delete the message from your computer. >>>> Thank you.**** >>>> >>>> *[image: Description: Description: Lifespan]* >>>> >>>> ** ** >>>> >>>> ** ** >>>> >>>> *From:* David Lum [mailto:david....@nwea.org <david....@nwea.org>] >>>> *Sent:* Thursday, January 31, 2013 12:37 PM >>>> *To:* NT System Admin Issues >>>> *Subject:* RE: Ouch - UPnP**** >>>> >>>> ** ** >>>> >>>> See the thread called “Shocking? Somehow, not...”**** >>>> >>>> ** ** >>>> >>>> Having a more descriptive subject line like yours is far too logical J* >>>> *** >>>> >>>> ** ** >>>> >>>> *From:* N Parr [mailto:npar...@mortonind.com <npar...@mortonind.com>] >>>> *Sent:* Thursday, January 31, 2013 9:30 AM >>>> *To:* NT System Admin Issues >>>> *Subject:* Ouch - UPnP**** >>>> >>>> ** ** >>>> >>>> >>>> http://news.cnet.com/8301-1009_3-57566366-83/upnp-networking-flaw-puts-millions-of-pcs-at-risk/?tag=nl.e757&s_cid=e757 >>>> **** >>>> >>>> **** >>>> >>>> Guess it would mostly affect home users but they are going to be the >>>> ones who would never hear about it for be able to fix it.**** >>>> >>>> **** >>>> >>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> >>>> --- >>>> To manage subscriptions click here: >>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>> with the body: unsubscribe ntsysadmin**** >>>> >>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> >>>> --- >>>> To manage subscriptions click here: >>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>> with the body: unsubscribe ntsysadmin**** >>>> >>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> >>>> --- >>>> To manage subscriptions click here: >>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>> with the body: unsubscribe ntsysadmin**** >>>> >>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> >>>> --- >>>> To manage subscriptions click here: >>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>> with the body: unsubscribe ntsysadmin >>>> >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to listmana...@lyris.sunbeltsoftware.com >>> with the body: unsubscribe ntsysadmin >>> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
<<image001.jpg>>
