DoS Exploit in Eicon Diehl LAN ISDN Modem

From: Björn Stickler (courierat_private)
Date: Sun Sep 26 1999 - 03:53:26 PDT


    i recently found a security bug in the diva lan isdn modem that shuts down
    the modem (fault led on).
    all you have to do is type the following location in your browser:
    http://diva/login.htm?password=0123456789012345678901234567890123456789
    where diva is the name of your modem or the ip-address.
    after that, the modem is locked until you do a hard reset.
    i think it's a buffer overflow of the password length which probably
    overwrites the eip address.
    regards
    Björn Stickler
    
    PS: i informed Eicon Diehl about that bug already
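
The post suspects a password value that is copied without a length check. As an added example (not code from the post or from the vendor's firmware), this C routine shows the defensive counterpart: the `password` query parameter is measured before it is copied and rejected if it does not fit. The function name, status codes and the 16-character limit are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

#define PW_BUF_LEN 17  /* assumed: 16-char password + NUL; the real limit is not on the page */

enum pw_status { PW_OK = 0, PW_MISSING = -1, PW_TOO_LONG = -2 };

/* Copy the value of the "password" parameter from a query string such as
 * "password=secret&x=1" into out (size out_len). The length is measured
 * before any byte is copied, so an over-long value is rejected instead of
 * running past the end of the buffer. */
enum pw_status extract_password(const char *query, char *out, size_t out_len)
{
    static const char key[] = "password=";
    const size_t key_len = sizeof(key) - 1;
    const char *p = query;

    if (query == NULL || out == NULL || out_len == 0)
        return PW_MISSING;
    out[0] = '\0';

    while (p != NULL && *p != '\0') {
        /* Match the key only at the start of a parameter. */
        if (strncmp(p, key, key_len) == 0) {
            const char *val = p + key_len;
            size_t val_len = strcspn(val, "&");

            if (val_len >= out_len)      /* no room for value + NUL */
                return PW_TOO_LONG;
            memcpy(out, val, val_len);
            out[val_len] = '\0';
            return PW_OK;
        }
        p = strchr(p, '&');
        if (p != NULL)
            p++;                         /* step past '&' to next parameter */
    }
    return PW_MISSING;
}

int main(void)
{
    char pw[PW_BUF_LEN];
    /* Constructed inputs; the second is the 40-character value from the post. */
    int a = extract_password("password=hunter2", pw, sizeof pw);
    int b = extract_password(
        "password=0123456789012345678901234567890123456789", pw, sizeof pw);
    return (a == PW_OK && b == PW_TOO_LONG) ? 0 : 1;
}
```

A handler built this way answers an over-long value with an error page and keeps serving requests.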
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:05:23 PDT