The following security advisory is sent to the securiteam mailing list, and can
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
Netcomm 1300NB DSL Modem DoS
------------------------------------------------------------------------
SUMMARY
The <http://www.netcomm.com.au/ADSL/adsl.php#NB1300> NB1300 "top-selling
ADSL Modem with Router connects one computer or a small network to a
high-speed Internet service through the USB interface or 10/100 Ethernet".
The 1300NB DSL modem is vulnerable for denial of service attack when
attempting to use a ping or other ICMP floods.
DETAILS
The Netcomm 1300NB DSL Modem is vulnerable to a denial of service attack
that can be triggered by sending a large amount of big ICMP echo packets.
Once the attack has been initated the WAN interface on the Netcomm DSL
Modem will lock itself up and the device must be rebooted to get Internet
connectivity.
Example:
By issuing the following command in three different shell/cmd:
ping -l 65500 -w 0 -t <IP of DSL Modem>
Followed by a normal ping to the device will cause the device to lock up
until its reboot.
ADDITIONAL INFORMATION
The information has been provided by <mailto:chris@kustodian.com> Chris
Rock.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to:
list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to:
list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any
kind.
In no event shall we be liable for any damages whatsoever including direct,
indirect, incidental, consequential, loss of business profits or special
damages.
