SecurityTracker.com
Category:   Device (Router/Bridge/Hub)  >   Efficient Networks Router
Vendors:   Efficient Networks
Efficient Networks 5861 DSL Router Processing Bug Lets Remote Users Crash the Router
SecurityTracker Alert ID:  1005910
SecurityTracker URL:  http://securitytracker.com/id/1005910
CVE Reference:   CVE-2003-1250
Updated:  Jun 15 2008
Original Entry Date:  Jan 10 2003
Impact:   Denial of service via network
Exploit Included:  Yes  

Description:   A vulnerability was reported in the Efficient Networks 5861 DSL Router. A remote user can cause the router to crash and restart when the router is using a certain configuration.

It is reported that when the router is configured to use IP filtering to block incoming TCP SYN flags, a remote user can conduct a portscan on the WAN interface to cause the router to crash and restart.

The vendor has reportedly been notified.

Impact:   A remote user can cause the device to crash and restart.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.efficient.com/ebz/5800.html
Cause:   Exception handling error, State error

Message History:   This archive entry has one or more follow-up message(s) listed below.
(Vendor Describes Fixes) Re: Efficient Networks 5861 DSL Router Processing Bug Lets Remote Users Crash the Router
The vendor has described several solutions.



 Source Message Contents

Subject:  Efficient Networks 5861 DSL Router


Product:		Efficient Networks 5861 DSL Router
			http://www.efficient.com/ebz/5800.html
Tested version:	5.3.80 (Latest firmware)
Advisory date:	10/01/2003
Severity:		Moderate

Background

access for up to 100 or more users with robust firewall and optional Secure
Class DSL Routers are Business Contingency Plan ready, with features such as
Dial Backup and Virtual Router Redundancy Protocol (VRRP)."

As far as I am aware, the 5861 is the standard router provided to all ADSL
business customers in the UK.

Details

When using the built-in IP filtering to block incoming TCP SYN flags, a
simple portscan to the WAN interface of the router will cause it to lock
up, and eventually restart.

This has been tested on two different 5861 routers, both running the above
firmware version.

Port scanners used were Nmap (Linux) and SuperScan (Windows).

Solution

There is currently no fix for this exploit.  I have contacted Efficient
Networks to inform them of the problem.
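
A detection sketch for the condition described above, added here as an example and not part of the original advisory or any vendor tooling: it flags router restarts that closely follow a burst of SYNs to many distinct ports on the WAN address. The log format, the `RESTART` event from an uptime monitor, the thresholds and all addresses are assumptions; the sensor is assumed to sit where it sees SYNs before the router's filter drops them.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed (hypothetical) log format from an upstream sensor and an uptime monitor.
SYN_RE = re.compile(r"^(\S+) SYN src=(\S+) dst=(\S+) dport=(\d+)$")
RESTART_RE = re.compile(r"^(\S+) RESTART device=(\S+)$")

def parse(lines):
    """Split log lines into SYN events and restart events; ignore anything else."""
    syns, restarts = [], []
    for line in lines:
        if m := SYN_RE.match(line.strip()):
            ts, src, dst, port = m.groups()
            syns.append((datetime.fromisoformat(ts), src, dst, int(port)))
        elif m := RESTART_RE.match(line.strip()):
            restarts.append((datetime.fromisoformat(m.group(1)), m.group(2)))
    return syns, restarts

def scans_followed_by_restart(lines, min_ports=20, window=timedelta(seconds=60),
                              lookback=timedelta(minutes=5)):
    """Return (src, device, distinct_ports, restart_time) for every restart preceded,
    within `lookback`, by one source hitting >= min_ports ports inside `window`."""
    syns, restarts = parse(lines)
    findings = []
    for r_ts, device in restarts:
        by_src = defaultdict(list)
        for ts, src, dst, port in syns:
            if dst == device and r_ts - lookback <= ts <= r_ts:
                by_src[src].append((ts, port))
        for src, events in sorted(by_src.items()):
            events.sort()
            # Largest number of distinct ports seen in any `window` starting at an event.
            best = max(len({p for t, p in events[i:] if t - start <= window})
                       for i, (start, _) in enumerate(events))
            if best >= min_ports:
                findings.append((src, device, best, r_ts))
    return findings

# Constructed sample data (documentation address ranges, not real hosts).
SAMPLE = (
    [f"2003-01-10T12:00:{s:02d} SYN src=198.51.100.7 dst=203.0.113.1 dport={1000 + s}"
     for s in range(30)]
    + ["2003-01-10T12:00:05 SYN src=192.0.2.10 dst=203.0.113.1 dport=25",
       "2003-01-10T12:01:10 RESTART device=203.0.113.1",   # follows the sweep
       "2003-01-10T13:00:00 RESTART device=203.0.113.1"]   # unrelated restart
)

if __name__ == "__main__":
    for finding in scans_followed_by_restart(SAMPLE):
        print(finding)
```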

 
 



Copyright 2022, SecurityGlobal.net LLC