SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Device (Router/Bridge/Hub)  >   Prestige Router (ZyXEL) Vendors:   ZyXEL Communications Corp.
ZyXEL Prestige SDSL Router Can Be Crashed By Remote Users Sending Malformed Packets
SecurityTracker Alert ID:  1002977
SecurityTracker URL:  http://securitytracker.com/id/1002977
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Dec 14 2001
Impact:   Denial of service via network

Version(s): Prestige 681, 1600; possibly others
Description:   A denial of service vulnerability has been reported in ZyXEL's Prestige SDSL routers. A remote user can cause the router to hang by sending malformed packets.

It is reported that a remote user can send certain malformed packets to the router on the DSL-interface side of the router to cause it to hang. This reportedly cannot be triggered from the internal Ethernet interface side of the router. When the vulnerability is triggered, ZyNOS apparently reports that the line is synchronizing. It may take between 2 and 3 mintues before the link comes back up and operations return to normal.

The nature of the malformed packets required to exploit this flaw was not disclosed.

The vendor has reportedly been notified.
Impact:   A remote user can cause the router to stop processing traffic for several minutes.
Solution:   No solution was available at the time of this entry.

The author of the report presents a workaround:

"The workaround is to switch off routing and put device in bridging mode."
Vendor URL:  www.zyxel.com/ (Links to External Site)
Cause:   Exception handling error
Underlying OS:  

Message History:   None.

 Source Message Contents
Date:  Fri, 14 Dec 2001 12:08:59 +0100
Subject:  Zyxel Prestige 681 and 1600 (possibly other?) remote DoS


Hello,

Zyxel Prestige 681 SDSL router is vulnerable to *remote* denial of service. 
By sending malformed packets, it is possible to bring down DSL link for few 
minutes. The problem persists only if packets come from DSL interface, not 
from Ethernet. ZyNOS reports that line is synchronizing and it takes about 
2-3 minutes before link is up.

The workaround is to switch off routing and put device in bridging mode. 
Zyxel support has been notified, I won't release details of attack, until 
ZyNOS will be patched.

-- 
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC