On Tue, 25 Dec 2001, Marc SCHAEFER wrote: > Zyxel Prestige SDSL Router IP Packet Length Remote Denial Of Service Vulnerability > BugTraq ID: 3695 > Remote: Yes > Date Published: Dec 14 2001 12:00A > Relevant URL: > http://www.securityfocus.com/bid/3695 > Summary: > > Prestige is a product line of DSL routers produced and distributed by > Zyxel. > > A problem with Zyxel routers has been discovered that could lead to a > remote denial of service attack. The problem is in the receipt of > malformed packets. > > When a Zyxel router receives malformed packets crafted with an IP length > shorter than the actual size of the packet, the router becomes unstable > and drops connectivity. This loss of connectivity can last up to three > minutes. This could lead to a remote user denying service to a legitimate > user of the router. The router is affected only by malformed packets > received through the DSL interface. Malformed packets sent through the > LAN interface have no affect on the system. > > The router is affected only by malformed packets received through the DSL > interface. Malformed packets sent through the LAN interface have no > affect on the system. > > This problem has been reported in the model 681 routers, and may affect > others in the Prestige product line as well. > > [ Pas libre: firmware propriétaire. Mais vu que cela peut concerner un > système libre aussi ... ] > > ... > > Zyxel Prestige SDSL Router IP Fragment Reassembly Vulnerability > BugTraq ID: 3711 > Remote: Yes > Date Published: Dec 18 2001 12:00A > Relevant URL: > http://www.securityfocus.com/bid/3711 > Summary: > > Prestige is a product line of DSL routers produced and distributed by > Zyxel. > > A problem with Zyxel routers has been discovered that could lead to a > remote denial of service attack. The problem is in the receipt of > fragmented packets. > > When a Zyxel router receives fragmented packets that after reassembly is > greater than 64 kilobytes in length, the router crashes. The router must > be power cycled to resume normal operation. This could lead to a remote > user denying service to a legitimate user of the router. > > The router is affected only by fragmented packets received through the DSL > interface. Fragmented packets sent through the LAN interface have no > affect on the system. > > This problem has been reported in the model 681 routers, and may affect > others in the Prestige product line as well. > > [ idem ]
Si je comprend bien, cela ne concerne que les routeurs, et non les modems utilisé via pppoe?! Me semble que ce type de problèmes se situerait au niveau de pppoe, mais je ne suis pas sûr de tout bien comprendre... Si oui, pppoe est-il vulnérable? -- Félix Hauri - <[EMAIL PROTECTED]> - http://www.f-hauri.ch -- http://www-internal.alphanet.ch/linux-leman/ avant de poser une question. Ouais, pour se désabonner aussi.
