| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Mar 2003 17:46:18 -0500
From: Thomas Reinke <reinke@...oftinc.com>
To: bugtraq@...urityfocus.com
Subject: D-Link DI-614 wiresless router crash/reboots
A user of ours has reported that the D-Link DI-614+
Wireless router/firewall is vulnerable to several old,
well known vulnerablities. The user was able to reproduce
the problem multiple times with consistent results. Not
having the equipment, we have NOT reproduced these ourselves,
and would appreciate if anyone can corroborate these
problems.
The vendor was notified on March 13th and has not responded
back.
Both tests causing problems were reproduced using the Nessus
test suite. Test IDs are Nessus test ID numbers and are
supplied for reference.
Nestea: A Nestea attack applied to the device causes the
device to spontaneously reboot. The device is out of
operation for only a few seconds and is then back in
service with no other known impact.
Ref: http://www.securityspace.com/smysecure/catid.html?id=10148
Linux 0 length fragment bug: Sending the appropriate packet
causes the device to crash requiring a power off-on cycle
to recover.
Ref: http://www.securityspace.com/smysecure/catid.html?id=10134
If anyone can support that their device does or does not behave
similarly it would be appreciated.
Thomas
--
SecuritySpace
http://www.securityspace.com
Powered by blists - more mailing lists