[NEWS] DLink Firewall/Router Vulnerable to Malformed Fragmented Packets DoS
From: support@securiteam.comDate: 09/12/01
- Previous message: support@securiteam.com: "[TOOL] No Ptrace Module (NPT)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Subject: [NEWS] DLink Firewall/Router Vulnerable to Malformed Fragmented Packets DoS Message-Id: <20010912054847.3E042138C0@mail.der-keiler.de> Date: Wed, 12 Sep 2001 07:48:47 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
DLink Firewall/Router Vulnerable to Malformed Fragmented Packets DoS
------------------------------------------------------------------------
SUMMARY
The popular home broadband sharing device
<http://www.dlink.com/products/broadband/di704/> Dl-704 by DLink
Technologies can be easily DoSed through malformed fragmented packets. By
utilizing standard packet-crafting tool to form these packets, attackers
can generate a large number of incorrectly fragmented IP packets and cause
the router to immediately stop forwarding packets. After about 2 minutes
of the attack the router will require a reboot.
DETAILS
Vulnerable systems:
DI-704 Firmware prior to version 2.56b6
Immune systems:
DI-704 Firmware above version 2.56b6
The DoS relies on an exploit involving IP fragmentation, which is a
process whereby IP datagrams are subdivided into smaller data packets
during transit. Fragmentation is required because every network
architecture carries data in groups called frames, and the maximum frame
size varies from network to network. When an IP datagram enters a network
whose maximum frame size is smaller than the size of the datagram, it is
split into fragments. Thereafter, the fragments travel separately to their
destination, at which point they are re-assembled and processed.
Patch Details
Download new firmware. V2.56b6 or later will fix it.
<http://www.dlink.com.tw/2000e/download/download.htm>
http://www.dlink.com.tw/2000e/download/download.htm
The US site only holds V2.55b15.
ADDITIONAL INFORMATION
The information has been provided by <mailto:loki@fatelabs.com> Fate
Research Labs.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[TOOL] No Ptrace Module (NPT)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
