[23498] in bugtraq
Zyxel Prestige 681 and 1600 (possibly other?) remote DoS
daemon@ATHENA.MIT.EDU (Przemyslaw Frasunek)
Fri Dec 14 12:15:56 2001
Message-Id: <200112141109.fBEB8xk21501@mailhost.freebsd.lublin.pl>
Content-Type: text/plain;
charset="iso-8859-2"
From: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>
To: bugtraq@securityfocus.com
Date: Fri, 14 Dec 2001 12:08:59 +0100
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Hello,
Zyxel Prestige 681 SDSL router is vulnerable to *remote* denial of service.
By sending malformed packets, it is possible to bring down DSL link for few
minutes. The problem persists only if packets come from DSL interface, not
from Ethernet. ZyNOS reports that line is synchronizing and it takes about
2-3 minutes before link is up.
The workaround is to switch off routing and put device in bridging mode.
Zyxel support has been notified, I won't release details of attack, until
ZyNOS will be patched.
--
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *
