[26359] in bugtraq
Phenoelit Advisory #0815 ++-+ dp_300 (DLINK)
daemon@ATHENA.MIT.EDU (kim0)
Sat Jul 27 12:58:14 2002
Message-ID: <3D4270CB.4000007@phenoelit.de>
Date: Sat, 27 Jul 2002 12:07:07 +0200
From: kim0 <kim0@phenoelit.de>
Reply-To: kim0@phenoelit.de
MIME-Version: 1.0
To: darklab@darklab.org, bugtraq@securityfocus.com, vuln-dev@securityfocus.com
Content-Type: multipart/mixed;
boundary="------------070304040707010103040102"
--------------070304040707010103040102
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
--
kim0 <kim0@phenoelit.de>
Phenoelit (http://www.phenoelit.de)
90C0 969C EC71 01DC 36A0 FBEF 2D72 33C0 77FC CD42
--------------070304040707010103040102
Content-Type: text/plain;
name="dp-300.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="dp-300.txt"
Phenoelit Advisory <wir-haben-auch-mal-was-gefunden #0815 ++-+>
[ Authors ]
FX <fx@phenoelit.de>
FtR <ftr@phenoelit.de>
Phenoelit Group (http://www.phenoelit.de)
Advisory http://www.phenoelit.de/stuff/dp-300.txt
[ Affected Products ]
D-Link
DP-300+
D-Link Bug ID: Not assigned
[ Vendor communication ]
07/07/02 Initial Notification
*Note-Initial notification by phenoelit
includes a cc to cert@cert.org by default
07/19/02 Notification of intent to post public in apx.
7 days.
[ Overview ]
The D-Link Ethernet/Fast Ethernet Print Server DP-300+
provides network connectivity for printers.
[ Description ]
By sending an oversized POST request to an existing web page such
as /Config1.htm, the device web server dies. A process appears to be
listening on the port but will no longer answer requests. Additionally,
the print server reports an uptime of less then one minute after the
attack, indicating that the software dies during this time.
[ Example ]
See above
[ Solution ]
None known at this time.
[ end of file ]
--------------070304040707010103040102--
