Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[goslow2gofast]

http://support.dlink.com/ProductInfo.aspx?m=DIR-645

I know you had been talking about WoL a while back...

Okay, I grabbed the two most recent versions release notes, which included earlier releases too, see below.  Thanks for remembering about WoL, but not sure why you mentioned it, I didn't see anything in the release notes about it, or am I missing something?  (WoL doesn't work in my version either, but it had on an older D-Link router I had...)

DIR
-
645
Revision A1
Firmware:
v.1.04B11
Date: 2013/12/19
Release Notes:
Vulnerabilities Addressed
-
Fix Admin Password will accepting and saving complex password, then not allow the user to use new
complex passw
ord
-
Fix Buffer overflow on "post_login.xml"
-
Fix Buffer overflow on "hedwig.cgi"
-
Fix Buffer overflow on "authentication.cgi"
-
Fix (CSRF) Cross
-
site scripting on "bind.php"
-
Fix (CSRF) Cross
-
site scripting on "info.php"
-
Fix (CSRF) Cross
-
site scrip
ting on "bsc_sms_send.php"
-
Fix Web file access api getfile path could not include ../
-
Fix bypass authentication before scan direction in the router. (__ajax_explorer.sgi)
-
Fix
curl
-
H "Cookie: uid=9gIdu6X6nF"
-
d
"EVENT=%26%20telnetd%26"
http://192.168.0.1/service.cgi
would cause script injection issue to execute
telentd.
-
Fix bypass authentication on version.php show too much router information
-
Fix widget functions and remove the relative files like r
outer_info.xml from unauthorized access
-
Fix issue that disables telnetd after the router is not longer factory default
-
Fix unauthorized post execute commands in the router by command.php
-
Fix Vulnerabilities Discovered and Disclosure by Roberto Palea
ri <
"roberto@greyhats.it"
>
-
Fix Buffer overflow on "post_login.xml"
-
Fix Buffer overflow on "hedwig.cgi"
-
Fix Buffer overflow on "authentication.cgi"
-
Fix (CSRF) Cross
-
site scripting on "bind.php"
-
Fix (CSRF)
Cross
-
site scripting on "info.php"
-
Fix (CSRF) Cross
-
site scripting on "bsc_sms_send.php"



DIR-645 Revision A Release Notes
=================================================
Firmware 1.04
Date:  06/11/2013

Bug-Fixes Addressed
Fix bug streaming multicast data in LAN affect WLAN can’t access network.
Fix Banner on web configuration does not display or scale + or - with Firefox and Safari
Add router_info.xml for DCC can detect WAN link status(DCC bug,Fw work-around)
Fix DHCP client renew fail when using broadcast flag
GUI date/time extend to 2037
Fix Login password limit to 15 char same as password setting in admin page.
Fix iTunes server cause out of memory when parsing some error mp3 file.
Fix the problem that wifi-enhance not working
Reduce the logout timeout from ten to three minutes for D-Link request due to security consideration.
Fix reset statistic fail.
Fix signal of wifi client always show 100%
Enable 3TB hdd support
Fix the ping for IPv6 ";reboot" will cause system reboot.we need do shell command escape before execute.

Vulnerabilities Addressed
Fix Admin Password will accepting and saving complex password, then not allow the user to use new complex password
Fix Web file access api getfile path could not include ../
Fix bypass authentication before scan direction in the router. (__ajax_explorer.sgi)
Fix  curl -H "Cookie: uid=9gIdu6X6nF" -d "EVENT=%26%20telnetd%26" http://192.168.0.1/service.cgi would cause script injection issue to execute telentd.
Fix bypass authentication on version.php show too much router information
Fix widget functions and remove the relative files like router_info.xml from unauthorized access
Fix issue that disables telnetd after the router is not longer factory default
Fix unauthorized post execute commands in the router by command.php
Fix Vulnerabilities Discovered and Disclosure by Roberto Paleari <"roberto@greyhats.it">
Fix Buffer overflow on "post_login.xml"
Fix Buffer overflow on "hedwig.cgi"
Fix Buffer overflow on "authentication.cgi"
Fix (CSRF) Cross-site scripting on "bind.php"
Fix (CSRF) Cross-site scripting on "info.php"
Fix (CSRF) Cross-site scripting on "bsc_sms_send.php"
  Official Disclosure @ http://bit.ly/19BZZZH
=================================================

Firmware  1.03
Date:  11/21/2012


SharePort Mobile / Web access Support
Enhanced iOS6 compatibility
Enhanced IPv6


=================================================

Firmware 1.02
Date:  07/12/2012


Boxee improvement
Disable WPS-PIN Method


=================================================

Firmware 1.01
Date:  09/26/2011

Revision Info:   
Fix wrong WAN port position picture in wizard setup.
Fix syslog function.
Fix DCS-5220 IPCAM WPA/WPA2 IOT issue.


=================================================

[FurryNutz]

Ya I looked at your history and you were chatting with Ambercap about WoL. I don't think anyone got it working on this router.

Ya the most recent FW is a lot of security fixes that I helped confirm with D-Link.

[shiekh]

WoL: Wake-on-LAN

for people like me that get confused with acronyms

[FurryNutz]

You should know that by now sir. LOL 

[shiekh]

Tis true, but my ailing mind buckles to

IP
ATM
ISDN
LAN
SNMP
FTP
DNS
TCP
ISP
VPN
SMTP
LDAP
NFS
NTP
SSL
NAT
TFTP
WAN
LAN
IMAP
STP
POP
PPP
IPP
TSP
DoS
VLAN
PPTP

[FurryNutz]

That why theres Wikipedia sir. 

[FurryNutz]

http://forums.dlink.com/index.php?topic=60680.0

Can't find 1.04b12 anyplace...

any more hints?