[27706] in bugtraq
Re: Motorola Cable Modem DOS
daemon@ATHENA.MIT.EDU (Juraj Ziegler)
Tue Nov 5 11:27:27 2002
Date: Mon, 4 Nov 2002 11:06:15 +0100
From: Juraj Ziegler <e@hq.sk>
To: Ryan Sweat <rsweat@attbi.com>
Message-ID: <20021104100615.GB9849@hq.sk>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="rS8CxjVDS/+yyDmU"
Content-Disposition: inline
In-Reply-To: <1036008147.22818.31.camel@ryans>
--rS8CxjVDS/+yyDmU
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Oct 30, 2002 at 02:02:27PM -0600, Ryan Sweat wrote:
> I've found it trivial to crash the Motorola Surfboard 4200 Cable modem,
> as installed default by AT&T Broadband Internet.
>=20
> The modem acts as a bridge, but also has an internal RFC1918 IP address
> (192.168.100.1). Simply nmap'ing the cable user's IP address, ie:
> # nmap -sS -p 1-1024 12.x.x.x
> will cause it to crash, rendering the ethernet interface useless. It is
> also possible to crash it from the lan by simply doing the same scan
> against the cable modem's internal IP address. The crash is not
> specific to nmap, there are other publicly available tools which cause
> the same result. This is known to be effective on Software Version:
> SB4200-0.4.4.0-SCM06-NOSH. (possibly others?)
Nothing happens to a SB4200E-0.4.4.1-SCM04-NOSH. Everything works fine
after a scan.
[e]
--=20
___________________________________________________________________________=
____
>e@hq.sk< /(bb|[^b]{2})/ >http://hq.sk/~e=
uro<
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the Universe trying
to produce bigger and better idiots. So far, the Universe is winning."
-- Rich=
Cook =20
--rS8CxjVDS/+yyDmU
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE9xkaWWGpO+XKsHY8RAm1lAKDqBTTwk24VL/uTMZ3zM1okLmf3YACeLQNz
NT6pJ3ABlh3OpT585ty/dEw=
=yJNx
-----END PGP SIGNATURE-----
--rS8CxjVDS/+yyDmU--
