SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


Try our Premium Alert Service
 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   Device (Router/Bridge/Hub)  >   Linksys Router Vendors:   Linksys
Linksys BEFVP41 VPN Router Can Be Crashed By Remote Users
SecurityTracker Alert ID:  1015490
SecurityTracker URL:  http://securitytracker.com/id/1015490
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jan 16 2006
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): BEFVP41
Description:   A vulnerability was reported in the Linksys BEFVP41 VPN Router. A remote user can cause the router to crash.

A remote user can send a specially crafted IP packet with a null length value for IP option #0xE4 to cause the target device to crash.

The device can be crashed from the LAN-side interface. A reboot is required to return the device to normal operations.

Impact:   A remote user can cause the target router to crash.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.linksys.com/ (Links to External Site)
Cause:   Exception handling error

Message History:   None.


 Source Message Contents

Subject:  Linksys VPN Router (BEFVP41) DoS Vulnerability

Linksys BEFVP41 (possibly others) (not sure which firmware) can be instantenously crashed by sending a specially crafted IP packet
 with a null length for IP option #0xE4 , like this one:

00 0f 66 99 a3 45 00 10 5a cc 59 84 08 00 46 00  
00 2c 04 d2 00 00 ff aa 06 2a c0 a8 01 65 43 08  
c6 15 e4 00 00 00 41 42 43 44 45 46 47 48 49 4a  
4b 4c 4d 4e 4f 50 52 53 54 55

I tried from within LAN-side of the router.  Did not test WAN-side, but probably still works.  Requires a reboot to fix.  Found it
 accidentally while doing nessus scan.  (Nessus Referenced BID : 7175, 14536)                  

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2018, SecurityGlobal.net LLC