[20133] in bugtraq
BinTec Router DoS: Workaround and Details
daemon@ATHENA.MIT.EDU (Michael Glaser)
Tue Apr 10 12:16:50 2001
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-ID: <001b01c0c1aa$8f9a0250$266010ac@dev.bintec.de>
Date: Tue, 10 Apr 2001 12:39:45 +0200
Reply-To: Michael Glaser <mglaser@BINTEC.DE>
From: Michael Glaser <mglaser@BINTEC.DE>
To: BUGTRAQ@SECURITYFOCUS.COM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Systems affected:
- -----------------
BinTec X1000
BinTec X1200
BinTec X4000
Systems with the following properties are *NOT* affected:
- VPN license activated
- port 1723/tcp blocked for all interfaces
Description:
- ------------
Portscan locks up systems
Solution:
- ---------
BinTec recommends that you block all unused ports and update to the
latest system software
In any case, port 1723/tcp should be closed for all interfaces on
systems without VPN license.
You can block the ports either by using the access lists of the router
or by activating NAT.
Bugfix:
- -------
This problem will be solved with the next system software release.
MICHAEL GLASER
Projectmanager X4000
BinTec Communications AG
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Edition 6.0.2
iQA/AwUBOtLU4uFmrDCYOlUREQIW3gCeILzj20D28DeF0KT5vmdRvqwKDx0AmwY2
ZjtTtORWJ0a6YGRt7Mx8H7FR
=Ye2S
-----END PGP SIGNATURE-----
