SecurityTracker.com
Category:   Device (Router/Bridge/Hub)  >   Prestige Router (ZyXEL)
Vendors:   ZyXEL Communications Corp.
ZyXEL Prestige Routers Can Be Made to Temporarily Stop Processing Traffic By Remote Users Sending Certain Fragmented Packets
SecurityTracker Alert ID:  1004824
SecurityTracker URL:  http://securitytracker.com/id/1004824
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Jul 24 2002
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): V2.50(FA.1) | 1/22/2002; V3.25(M.01) | 7/25/2001; possibly others
Description:   A denial of service vulnerability was reported in ZyXEL's Prestige routers. A remote user can cause the router to temporarily stop processing traffic.

A remote user can reportedly send the router a single oversized, highly fragmented packet, causing it to stop processing traffic from the internal network for 30 seconds.

This has reportedly been tested on a 642R and (by another user) on a 310.

According to the report, the 'jolt' utility can be used to create the packets required to trigger the vulnerability. This utility is available at:

http://packetstorm.decepticons.org/exploits/DoS/jolt.c

Impact:   A remote user can cause the router to stop processing traffic for 30 seconds. If attacked repeatedly, extended denial of service conditions can be caused.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.zyxel.com/
Cause:   Exception handling error
Underlying OS:  

Message History:   None.
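
The advisory attributes the outage to a single oversized, highly fragmented packet. The following Python check is an added example, not part of the advisory or the reporter's message: it inspects raw IPv4 packets and flags any datagram whose fragments would reassemble past the 65535-byte IPv4 limit or arrive in unusually many pieces. The function names, the fragment-count threshold and the sample packets are assumptions constructed for illustration.

```python
import socket
import struct
from collections import defaultdict

MAX_DATAGRAM = 65535   # IPv4 Total Length is 16 bits, so no datagram may exceed this
MAX_FRAGMENTS = 64     # assumed alert threshold for "highly fragmented"; tune per network

def parse_fragment(raw):
    """Return (flow key, header length, payload start, payload end, MF flag)."""
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    vihl, _, total, ident, frag, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or ihl < 20 or total < ihl:
        raise ValueError("malformed IPv4 header")
    start = (frag & 0x1FFF) * 8                 # offset field counts 8-byte units
    return (src, dst, proto, ident), ihl, start, start + total - ihl, bool(frag & 0x2000)

def scan(packets):
    """Map each suspicious datagram key to 'oversized' or 'excessive-fragments'."""
    seen, alerts = defaultdict(int), {}
    for raw in packets:
        try:
            key, ihl, start, end, more = parse_fragment(raw)
        except ValueError:
            continue                            # not IPv4 or too short to judge
        if start == 0 and not more:
            continue                            # unfragmented packet, nothing to reassemble
        seen[key] += 1
        if ihl + end > MAX_DATAGRAM:            # reassembly would pass the 65535-byte limit
            alerts[key] = "oversized"
        elif seen[key] > MAX_FRAGMENTS:
            alerts.setdefault(key, "excessive-fragments")
    return alerts

def sample_fragment(ident, offset_units, payload_len, more):
    """Constructed test input: a 20-byte IPv4 header plus zero padding (never sent)."""
    frag = (0x2000 if more else 0) | offset_units
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident, frag, 64, 1, 0,
                         socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.1"))
    return header + bytes(payload_len)

# Constructed capture: datagram 1 reassembles to 2020 bytes; datagram 2's tail ends past 65535.
SAMPLE = [sample_fragment(1, 0, 1480, True), sample_fragment(1, 185, 520, False),
          sample_fragment(2, 0, 1480, True), sample_fragment(2, 8189, 100, False)]

if __name__ == "__main__":
    for (src, dst, proto, ident), reason in scan(SAMPLE).items():
        print(socket.inet_ntoa(src), "->", socket.inet_ntoa(dst), "id", ident, reason)
```

Dropping or alerting on such fragments at an upstream filter keeps them from reaching the router while no vendor fix is available.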


 Source Message Contents

Date:  Wed, 24 Jul 2002 03:37:53 -0700
Subject:  Denial of Service in ZyXEL prestige 642R w/ZyNOS v2.50(FA.1)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Description:
A single jolt[1] packet will cause the router to stop passing traffic from the internal network for exactly 30 seconds.

Affected versions:
ZyNOS S/W Version: V2.50(FA.1) | 1/22/2002 (and below)

Notes:
A friendly soul told us this affected other ZyXEL models as well, but we don't have any around to test on.

References:
[1]: http://packetstorm.decepticons.org/exploits/DoS/jolt.c

Yours truly,
0x36

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wlkEARECABkFAj0+g4ESHDB4MzZAaHVzaG1haWwuY29tAAoJEFOjUCJfkTewyqQAnA6l
d64MbsMResaAUXGWHpKrOKkwAJwJpZKRHMsU8EVahzA2MSC+N24awA==
=0diI
-----END PGP SIGNATURE-----



Copyright 2013, SecurityGlobal.net LLC