D-Link DIR-645 (rev.A) Router Firmware 1.04
Tipo de archivo: Firmware.
Sistema Operativo: Windows 7, Windows Vista, Windows XP.
Nombre del archivo: dir645_FW_104.zip.
Bit: 64 Bit.
Licencia: Gratuito.
Descripción
Bug-Fixes Addressed
– Fix bug streaming multicast data in LAN affect WLAN can’t access network.
– Fix Banner on web configuration does not display or scale + or – with Firefox and Safari
– Add router_info.xml for DCC can detect WAN link status(DCC bug,Fw work-around)
– Fix DHCP client renew fail when using broadcast flag
– GUI date/time extend to 2037
– Fix Login password limit to 15 char same as password setting in admin page.
– Fix iTunes server cause out of memory when parsing some error mp3 file.
– Fix the problem that wifi-enhance not working
– Reduce the logout timeout from ten to three minutes for D-Link request due to security consideration.
– Fix reset statistic fail.
– Fix signal of wifi client always show 100%
– Enable 3TB hdd support
– Fix the ping for IPv6 “;reboot” will cause system reboot.we need do shell command escape before execute.
Vulnerabilities
Addressed
– Fix Admin Password will accepting and saving complex password, then not allow the user to use new complex password
– Fix Web file access api getfile path could not include ../
– Fix bypass authentication before scan direction in the router. (__ajax_explorer.sgi)
– Fix curl -H “Cookie: uid=9gIdu6X6nF” -d “EVENT=%26%20telnetd%26” http://192.168.0.1/service.cgi would cause script injection issue to execute telentd.
– Fix bypass authentication on version.php show too much router information
– Fix widget functions and remove the relative files like router_info.xml from unauthorized access
– Fix issue that disables telnetd after the router is not longer factory default
– Fix unauthorized post execute commands in the router by command.php
– Fix Vulnerabilities Discovered and Disclosure by Roberto Paleari
– Fix Buffer overflow on “post_login.xml”
– Fix Buffer overflow on “hedwig.cgi”
– Fix Buffer overflow on “authentication.cgi”
– Fix (CSRF) Cross-site scripting on “bind.php”
– Fix (CSRF) Cross-site scripting on “info.php”
– Fix (CSRF) Cross-site scripting on “bsc_sms_send.php”
Descargar