Vulnerability Detail

Linksys sysPasswd/sysPasswdConfirm/DomainName denial of service vulnerability

Date Discovered:
3 Jun 2004

Date Published:
5 Jun 2004

Last Updated:
18 Oct 2004

Threat Assessment

Overall Risk: Medium

Popularity : Medium

Impact: High

Simplicity: Medium

Characteristics

Vulnerability ID: 28398
Discovered By: Alan McCaig, A.K.A. b0f

Exploitable Locally: No
Exploitable Remotely: Yes

Impact: A remote attacker can cause a denial of service condition.

Root Cause: Software Vulnerability

Description

Recommendations

Affected Technologies

References

Description

The Linksys router Firmware contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service condition. The vulnerabilities are due to a lack of validation on the field length for the sysPasswd, sysPasswdConfirm, and DomainName parameters. An attacker can submit carefully crafted parameter strings for sysPasswd, sysPasswdConfirm, and DomainName to the Gozila.cgi script to crash the router and cause a denial of service condition. This is a non-priority technology vulnerability.

Recommendations

Upgrade to the latestest Linksys router Firmware release:

Linksys Router Firmware Update Site:
http://www.linksys.com/download/firmware.asp ?fwid=3

Vendor site:
http://www.linksys.com/

Affected Technologies

Linksys: BEFSX41 firmware 1.45.7
Linksys: BEFW11S4 firmware 1.45.7
Linksys: Linksys BEFSR11 Firmware 1.45.7
Linksys: Linksys BEFSR41 Firmware 1.45.7
Linksys: Linksys BEFSR41 v3 Firmware 1.45.7
Linksys: Linksys BEFSR81 v2 Firmware 1.45.7
Linksys: Linksys BEFSR81 v3 Firmware 1.45.7
Linksys: Linksys BEFSRU31 Firmware 1.45.7

References

Mitre CVE: CVE-2002-2270

CA Global Security Advisor

Current threat condition: Low

Documents and Tools

Find Threats

Viruses Spyware
Vulnerabilities All

Page Tools