PDA

Bekijk Volledige Versie : Efficient Networks 5861 DSL Router



Greg Bolshaw
10/01/03, 15:48
Product: Efficient Networks 5861 DSL Router
http://www.efficient.com/ebz/5800.html
Tested version: 5.3.80 (Latest firmware)
Advisory date: 10/01/2003
Severity: Moderate

Background

"Efficient Networks® Business Class IDSL, ADSL, or SDSL Routers provide DSL
access for up to 100 or more users with robust firewall and optional Secure
Virtual Private Network (VPN) capabilities. Efficient Networks® Business
Class DSL Routers are Business Contingency Plan ready, with features such as
Dial Backup and Virtual Router Redundancy Protocol (VRRP)."

As far as I am aware, the 5861 is the standard router provided to all ADSL
business customers in the UK.

Details

When using the builtin IP filtering to block incoming TCP SYN flags, a
simple portscan to the WAN interface of the router will cause the it to lock
up, and eventually restart.

This has been tested on two different 5861 routers, both running the above
firmware version.

Port scanners used were Nmap (Linux) and SuperScan (Windows)

Solution

There is currently no fix for this exploit. I have contacted Efficient
Networks to inform them of the problem.

Andrew Hodgson
15/01/03, 21:44
On Fri, 10 Jan 2003 11:05:01 -0000, "Greg Bolshaw"
<greg@optionsinternet.com> wrote:

>Product: Efficient Networks 5861 DSL Router
> http://www.efficient.com/ebz/5800.html
>Tested version: 5.3.80 (Latest firmware)
>Advisory date: 10/01/2003
>Severity: Moderate
>
>Background
>
[...]
>
>As far as I am aware, the 5861 is the standard router provided to all =
ADSL
>business customers in the UK.

=46rom which provider?
>
>Details
>
>When using the builtin IP filtering to block incoming TCP SYN flags, a
>simple portscan to the WAN interface of the router will cause the it to =
lock
>up, and eventually restart.

I have confirmed this using the Sygate port scanner found at
http://scan.sygate.com.

[...]

>Solution
>
>There is currently no fix for this exploit. I have contacted Efficient
>Networks to inform them of the problem.

A workarround is to disable the filtering on the router and make sure
all unsolicited packets are forwarded to a machine with a capable
firewall installed. This is what I am doing in one instance.

Andrew.
--=20
Andrew Hodgson, Bromyard, Herefordshire, UK.
Email: Andrew@hodgsonfamily.org