lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Sat, 13 Jun 2009 08:54:12 -0600
From: mcyr2@....com
To: bugtraq@...urityfocus.com
Subject: Link Logger syslogd resource overwhelm DoS

Remote: yes

Credit: Mike Cyr, aka h00die

Vulnerable: 2.4.10.15 (ddwrt version) but more than likely all versions

Discussion:  Link Logger is a program for logging, analysis and reporting of router traffic so you can easily spot attacks and abuses on your network.  By sending a ton of spoofed traffic, the syslogd portion of link logger will become overwhelmed and crash.  The program must be restarted to bring syslogd back up.  After talking with the vendor, the syslogd portion is from another company, so other products may also be vulnerable.  The vendor would not disclose who the syslogd vendor was.

Log:
#Vendor notification 4/13/09
#Vendor acknowledgement 4/14/09, the syslogd is actually from another company, vendor contacts syslogd vendor.
#Vendor can not run DoS code successfully 5/11/09
#Sent instructions and video on how to install all needed modules and run successfully 5/12/09
#Asked for update, no response 6/8/09
#Sent to milw0rm and security focus 6/13/09

I will update this post when the code gets put on milw0rm.

References: http://www.linklogger.com/

Powered by blists - more mailing lists