| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 29 Sep 2003 13:59:56 -0700 From: Ranjeet Shetye <ranjeet.shetye2@...tys.com> To: Claus A <bugtraq-me@....net> Cc: bugtraq@...urityfocus.com Subject: Re: SMC Router Denial of Service exploit On Mon, 2003-09-29 at 13:13, Claus A wrote: > Hi > > > Tested on an SMC2404WBR - BarricadeT Turbo 11/22 Mbps Wireless Cable/DSL > > Broadband Router. > > I ve just tested this code against my SMC 2404WBR. Firmware Version 1.0.10. > But it didnt work. > > I saw a lot of UDP & ICMP on the air, but I could access the AP all the > time. Slower as normal but there was still a connection. As stopping the > attack after ~ 10 min everything was just normal. > > > Sending a stream of UDP random packets to multiple ports 0-65000 on the > > router will cause the router to freeze until a soft reset is performed on > > it. > > I ran the attack against the wireless port. > Perhaps it only works on the WAN Port? > > Greets > Claus Can confirm DoS weakness in SMC 7004VWBR on WAN side. Traffic = large loads of UDP and/or ICMP traffic on WAN side. Stateful Packet Inspection is ON. Firmware = v1.23 (Part No. 720.638) (This information pertains to my home network and is unrelated to my employer Zultys.) -- Ranjeet Shetye Senior Software Engineer Zultys Technologies Ranjeet dot Shetye2 at Zultys dot com http://www.zultys.com/ The views, opinions, and judgements expressed in this message are solely those of the author. The message contents have not been reviewed or approved by Zultys.
Powered by blists - more mailing lists