News:

Buffalo provides Data Recovery services. Read about it here.

Main Menu

Security Problem on LinkStation Live with Bittorrent

Started by wondy, January 21, 2009, 03:45:06 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

wondy

January 21, 2009, 03:45:06 AM
   Hi, I am found a serious security bug also on new firmware 1.06. Is possible to see the bittorrent page on everyone simply typing the linkstation ip address follows by port 8080 WITHOUT ENTER ANY PASSWORD !!And if you have a problem to find a valid IP address , buffalo will help you :-) with the DNS service buffalonas.com, in this way you can digit www.buffalonas.com/user:8080 to enter in a bittorrent page of everyone and see what is in download , to schedule a new downloads , ecc .... with privacy problem that it brings.

Colin137

#1
January 24, 2009, 06:10:07 PM

Thank you for notifying us of the problem, we will work hard to get the fixed firmware ASAP.

 

As a temporary workaround, disable the bittorrent function, or simply ensure that port 8080 is blocked by your router's firewall.

Message Edited by Colin137 on 01-24-2009 06:12 PM

Almamida

#2
January 24, 2009, 07:20:22 PM
   

Yes, it would be great to secure this access using accounts created in linkstation.

With the possibility to manage who can access to it, and who can't. Like the shared folders in WebAccess.

 

:) 

SilverFoX

#3
January 24, 2009, 09:54:13 PM
   
Colin137 wrote:

Thank you for notifying us of the problem, we will work hard to get the fixed firmware ASAP.

 

As a temporary workaround, disable the bittorrent function, or simply ensure that port 8080 is blocked by your router's firewall.

Message Edited by Colin137 on 01-24-2009 06:12 PM

just as a side  note - this was mentioned as a security flaw since the firmware 1.01 (i think) and hasn´t been fixed since then - so as a temporary workaround the bittorrent function didn´t work from the start to follow your advice -.-

anyways - looking forward to a fix also for the private tracker support :)

 

regards,

SilverFoX

 

PS: please check the following thread as well if you are interested in the linkstation live with bittorrent support:

http://forums.buffalotech.com/buffalo/board/message?board.id=0101&thread.id=3095" target="_blank">Persisting problems and feature suggestions regarding LinkStation Live with BitTorrent (LS-CH*L)

Message Edited by SilverFoX on 01-25-2009 04:55 AM
Print
Go Up Pages1
User actions
Browser ID: smf (is_webkit)
Templates: 4: index (default), Display (default), GenericControls (default), GenericControls (default).
Sub templates: 6: init, html_above, body_above, main, body_below, html_below.
Language files: 5: index+Modifications.english (default), Post.english (default), Editor.english (default), Drafts.english (default), StopForumSpam.english (default).
Style sheets: 4: index.css, attachments.css, jquery.sceditor.css, responsive.css.
Hooks called: 172 (show)
Files included: 35 - 1354KB. (show)
Memory used: 1043KB.
Tokens: post-login.
Queries used: 16.

[Show Queries]