Zyxel Prestige 681 and 1600 (possibly other?) remote DoS

From: Przemyslaw Frasunek (venglinat_private)
Date: Fri Dec 14 2001 - 03:08:59 PST

Next message: Mandrake Linux Security Team: "MDKSA-2001:092 - openssh update"

Previous message: Tamer Sahin: "ATPhttpd 0.4 DoS Vulnerability"
Next in thread: Przemyslaw Frasunek: "Re: Zyxel Prestige 681 and 1600 (possibly other?) remote DoS"
Reply: Przemyslaw Frasunek: "Re: Zyxel Prestige 681 and 1600 (possibly other?) remote DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

Zyxel Prestige 681 SDSL router is vulnerable to *remote* denial of service. 
By sending malformed packets, it is possible to bring down DSL link for few 
minutes. The problem persists only if packets come from DSL interface, not 
from Ethernet. ZyNOS reports that line is synchronizing and it takes about 
2-3 minutes before link is up.

The workaround is to switch off routing and put device in bridging mode. 
Zyxel support has been notified, I won't release details of attack, until 
ZyNOS will be patched.

-- 
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslawat_private ** PGP: D48684904685DF43EA93AFA13BE170BF *

Next message: Mandrake Linux Security Team: "MDKSA-2001:092 - openssh update"
Previous message: Tamer Sahin: "ATPhttpd 0.4 DoS Vulnerability"
Next in thread: Przemyslaw Frasunek: "Re: Zyxel Prestige 681 and 1600 (possibly other?) remote DoS"
Reply: Przemyslaw Frasunek: "Re: Zyxel Prestige 681 and 1600 (possibly other?) remote DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Dec 14 2001 - 09:11:46 PST