Main Menu
Network
Sponsor
Top 10 Sites
Partners
|
|
Top Submit newsSubscribe 
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
| Sponsored links | Want to become one of our authors and see your work published on ALLSeek.iNFO ?
| | TCP Flood and Authentication Cracking Causes NETGEAR FM114P to Hang |
|---|
Categorie: Vulnerability
Posted: 2002-10-13 by Gmtech
Views: 829
Source: Click here
| Current Rating: Not rated
|
| | Details |
|---|
A security vulnerability in the NETGEAR FM114P allows remote attackers to cause the product to crash by initiating a large number of TCP connections, or by trying to brute force the password used in the administrator's web interface
It seems possible to crash the NETGEAR FM114P with many TCP connects. Marc did some tests on his FM114P firmware Version 1.3 Release 05 and these are the needed connection attempts:
4349
15641
125802
22185
44395
62564
9865
22102
108132
42314
It appears that there is no exact value from which the NETGEAR will crash. However, all of them are between the scale of 4349 and 125802.
It's also possible to cause this vulnerability by trying to brute force the htaccess password of the web interface (e.g. with WWWhack). Note however, that such an attack is recorded in the log files as following:
--- fwlog begin ---
[...]
Sun, 2002-10-06 21:23:40 - Administrator login fail, Password error - IP:192.168.0.2
Sun, 2002-10-06 21:23:41 - Administrator login fail, Password error - IP:192.168.0.2
Sun, 2002-10-06 21:23:41 - Administrator login fail, Password error - IP:192.168.0.2
[...]
--- fwlog end ---
After this (and after the TCP flood), the whole firewall freezes:
- You can't ping the box
- You can't connect to the web interface
- No throughput is possible
- The firewall doesn't mail the scheduled log files
The only way to restore normal operation would be to reboot the tiny box.
| | Links |
|---|
Cisco Secure Content Accelerator Vulnerable to SSL Worm
| | Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=52
| | User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
| Previous articleBack to news listNext article
|
|
|
|
InterJOB.su
|
