Re: DoS in Flowpoint 2000 DSL routers

From: Tom (tomat_private)
Date: Tue Aug 11 1998 - 22:09:43 PDT

Next message: John D. Hardin: "Re: FW: CERT Advisory CA-98.10 - mime_buffer_overflows (VU#5648)"

Previous message: Richard Thomas: "Re: RotoRouter 1.0 - Traceroute log & fake"
Maybe in reply to: Jason Ackley: "DoS in Flowpoint 2000 DSL routers"
Next in thread: Jason Ackley: "Re: DoS in Flowpoint 2000 DSL routers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 11 Aug 1998 20:35:20 PDT, Jason Ackley writes:
>Hello,
>
>Quick Overview:
>
>There exists a DoS in Flowpoint's (A)DSL 2000 router ('fp2k')
>running software rev 1.2.3 (anyone have other revs to test?)
>
>Lil Backgrounder:
>
>Flowpoint builds the routers and distributes them through various OEMs and
>VARs, one that I know of is Diamond Lane Commuications, so if you have a
>DSL router its best to take a peak at it real quick(tm). Basically its not
>much bigger than a modem, has six blinky lights on the front.
>
>
>Vendor Status:
>
>I informed Flowpoint of this problem on Fri May 29, Flowpoint responded on
>Mon Jun 1 with a fix and an apology for not responding to me sooner! Quick
>Service!
>
My biggest gripe with fp2000 was the unrestricted "read only" access to
telnet and snmp ports.

FP has been very responsive to customer feedback and v1.4.3  supports access
lists. There was also a nasty memory leak in earlier versions that would cause
the router to die for no apparant reason, they granted access to a beta
version that fixed it some time ago.

Looks like 1.43 will only take X chars.

Escape character is '^]'.

FlowPoint/2000 ADSL Router v1.4.3 Ready
> login dfljsdlfjsdkfjsdlkffffffffffffsdlkfjlksdfjlwrejfopiwjflksfdslkfjsdlkfjsdlkfjdslkfjdslkfjdslfjsdlkfjsdlkfjdslfjdslkflkfslkfjsdlkfsdlkfsdlkfdslkfsdlkjfsdlkfjsdlkfslkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfjsdlkfjsdlkfjsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkjfsdlkfjsdlkjfdsjflksdflksdfsldkfsldkfsdlkfjsdlkfdslkfdslkfjsdlkfjsdlkjfsdljforewirjweruweurpweurpwewefwlkfjwelfhjewpirewpfpweofpwekfpwekfpwejfpwjfowefjwefwejfipwejfwejpfwjepfwejpfwejfpwejfpwejfpwejfpwefpweofpwefpowejfwpeijfwpejfpwejfwepfjwepfjwepfjwepfjwepfjwepfjewpfjwepfjwepfwejpfjewpfwejpfwejfpwejfpwefjwpejfwepfjwepfjwepfwjepfjwepfwejpfwjepfwejfpwejfpwefjwpefjwepfjwepfjwepfewjpfwejpfwejfpwefjpewjfwepfjwpefjwpefjpwfjwepfjwepfjwepfjwepjfwepfjwepfjwepfjwepfjwepfjwepfwjefpwejfpewjfpwejfpwejfpwejfpwejfpwejfwepfwepjfwpejfpwejfwpejfewpjfpwefpwejfpewjfpwejfpwejfpwejfpwefjweksdlkjfpwepweiwoip;dsfjg;jpogjrepojreipewrut083475034503459534907340957-043-68458607034750j4rejtlkrejtlkerwjrepitjre0u43-0u-0jrptjepo34ujt0934t4jpj!
34pjtrepoitj4309ru0wtj43pjew0irjt
Wrong password!   Try logging in again.
>





--

Tom Jansen - Sysadmin
GST - Whole Earth Networks
mknod /dev/spam c 2 2 ; chmod 666 /dev/spam ; echo " >/dev/spam" > ~/.forward

Next message: John D. Hardin: "Re: FW: CERT Advisory CA-98.10 - mime_buffer_overflows (VU#5648)"
Previous message: Richard Thomas: "Re: RotoRouter 1.0 - Traceroute log & fake"
Maybe in reply to: Jason Ackley: "DoS in Flowpoint 2000 DSL routers"
Next in thread: Jason Ackley: "Re: DoS in Flowpoint 2000 DSL routers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:12:10 PDT