July 24, 2009

DD-WRT httpd vulnerability

A critical flaw was discovered in DD-WRT's httpd service. It was also covered on Slashdot. I don't need really to upgrade since my two DD-WRT routers are completely stable, and they weren't even used as Internet routers.

Just to keep this upgrade exciting, I performed the upgrade over a VDSL link during a heavy thunderstorm. The micro one was a client bridge mode connected to the std one. There were no signal drops during the upgrade process.


Before the firmware upgrade, I had a 151-day uptime on the WAP54G. Pretty incredible since the WAP54G is placed outdoors in an incredibly dusty and hot environment. As mentioned above, it's configured as a client bridge to wirelessly connect an RFID access reader to the rest of the LAN.

No comments: