[32710] in bugtraq
Re: Linksys WRT54G Denial of Service Vulnerability
daemon@ATHENA.MIT.EDU (Eerik.Kiskonen@toptronics.fi)
Fri Dec 5 14:39:29 2003
To: Michael Renzmann <security@dylanic.de>
Cc: bugtraq@securityfocus.com
MIME-Version: 1.0
Message-ID: <OF62314E3A.BDCA0470-ONC2256DF3.0050EF61-C2256DF3.0051CFAF@toptronics.fi>
From: Eerik.Kiskonen@toptronics.fi
Date: Fri, 5 Dec 2003 16:47:41 +0200
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Buffalo WBR-G54 (Firmware 1.30) is not vulnerable. It answers with "bad
request" and the http server continues working without problems.
---- clip ---
[stnz@starship stnz]# nc 192.168.11.1 80
GET
HTTP/1.0 400 Bad Request
Server: micro_httpd
Date: Tue, 01 Jan 2002 06:04:15 GMT
Content-Type: text/html
Connection: close
<HTML><HEAD><TITLE></TITLE><meta http-equiv="Pragma"
content="no-cache"></HEAD>
<BODY BGCOLOR="#FFFFFF">
Can't parse request.
---- clip ---
-
Ystävällisin terveisin/Best Regards
Turun Tietokeskus Oy/Eerik Kiskonen
Tekninen asiantuntija/Technical specialist
Satakunnantie 110, 20320 TURKU, Finland
Direct. +358-2-273 4244
Fax. +358-2-273 4220
E-mail: eerik.kiskonen@toptronics.fi
Web. http://www.turuntietokeskus.fi
Michael Renzmann <security@dylanic.de>
04.12.2003 06:33
To: test@techcentric.net
cc: bugtraq@securityfocus.com
Subject: Re: Linksys WRT54G Denial of Service Vulnerability
Hi all.
test@techcentric.net wrote:
> Linksys WRT54G Denial of Service Vulnerability
There are some devices out there that are technically identical to the
WRT54G (for example the Buffalo WBR-G54). Can anyone confirm whether
they share this issue?
Bye, Mike
