Netgear FVG318 is vunerable to DOS attack

2006.08.16

Credit: root localhost com

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2006-4143

CWE: CWE-Other

Ogólna skala CVSS: 7.8/10

Znaczenie: 6.9/10

Łatwość wykorzystania: 10/10

Wymagany dostęp: Zdalny

Złożoność ataku: Niska

Autoryzacja: Nie wymagana

Wpływ na poufność: Brak

Wpływ na integralność: Brak

Wpływ na dostępność: Pełny

The Netgear FVG318 (http://www.netgear.com/Products/VPNandSSL/WirelessVPNFirewallRouters/FV
G318.aspx) is vunerable to a Denial of Service attack where a flood of bad checksum TCP packets will lock the router up, forcing a hard reset.

This can be acheived with a program such as fragrouter or even an innocent program such as Azureus when sending/receiving a lot of bad packets.

I deceided to release this information after netgear seemingly uncaringly for their customers has deceided to not progress on diagnosing this bug for over 2 months.

My Firmware ver. = V1.0.40. Can anyone else confirm this with different or the same versions?

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Netgear FVG318 is vunerable to DOS attack

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.