Nmap Hackers: [Fwd: Vulnerability Netgear RP-114 Router - nmap causes DOS]

From: Niels Heinen <niels.heinen_at_ubizen.com>
Date: Wed, 16 Jan 2002 10:21:55 +0100

And yet another weak cheap-to-produce-but-expensive-to-buy router has
been detected.. maybe we should get a new banner for nmap.. like

Got DSL or cable ? <refresh> No you don't ! <refresh> Nmap router enemy #1

;-)

Regards,

Niels

-------- Original Message --------
Subject: Vulnerability Netgear RP-114 Router - nmap causes DOS
Date: Tue, 15 Jan 2002 03:49:28 -0500
From: "Omkhar Arasaratnam" <omkhar_at_rogers.com>
Reply-To: <>
To: <bugtraq_at_securityfocus.com>

BugTraq,

This has been submitted to CERT as well. Here is the form I sent to
them:

CONTACT INFORMATION
===============================================================================
Let us know who you are:

 Name : Omkhar Arasaratnam
 E-mail : omkhar_at_ca.ibm.com
 Phone / fax : 416.991.1301/416.383.3316
 Affiliation and address: IBM Canada Ltd.

Have you reported this to the vendor? yes

        If so, please let us know whom you've contacted:

        Date of your report : 12/26/2001
        Vendor contact name : Paul Marino
        Vendor contact phone : 408-907-8085
        Vendor contact e-mail : paul.marino_at_netgear.com
        Vendor reference number : 20485470

        If not, we encourage you to do so--vendors need to hear about
        vulnerabilities from you as a customer.

POLICY INFO
===============================================================================
We encourage communication between vendors and their customers. When
we forward a report to the vendor, we include the reporter's name and
contact information unless you let us know otherwise.

If you want this report to remain anonymous, please check here:

        ___ Do not release my identity to your vendor contact.

TECHNICAL INFO
===============================================================================
If there is a CERT Vulnerability tracking number please put it
here (otherwise leave blank): VU#______.

Please describe the vulnerability.
---------------------------------
This vulnerability is in regards to the Netgear RP114 router/NAT. This
is a simple solution that allows home users to share their cable modem /
DSL connection. One of the features of this NAT is port filtering. If
the router is told to drop all packets < 1024, and the WAN port is port
scanned, the router will lock. This has been demonstrated on several
occasions to Netgear engineering using nmap.

What is the impact of this vulnerability?
----------------------------------------
For the duration of the scan, no inbound/outbound traffic through the
WAN port.

To your knowledge is the vulnerability currently being exploited?
----------------------------------------------------------------
        no

If there is an exploitation script available, please include it here.
--------------------------------------------------------------------
n/a

Do you know what systems and/or configurations are vulnerable?
-------------------------------------------------------------
Any customer who has this router attached to a cable modem / DSL modem
in a similar configuration.

        System : RP-114
        OS version : 3.26 (firmware)
        Verified/Guessed: Verified, may also happen without port filtering configured.

Are you aware of any workarounds and/or fixes for this vulnerability?
--------------------------------------------------------------------
no

OTHER INFORMATION
===========================================================================
Is there anything else you would like to tell us?

Netgear support has not been very co-operative thus far.

--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help_at_insecure.org . List run by ezmlm-idx (www.ezmlm.org).
Received on Jan 16 2002
