Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Phenoelit Advisory #0815 ++-+ dp_300 (DLINK)

From: kim0 <kim0 () phenoelit de>
Date: Sat, 27 Jul 2002 12:07:07 +0200

--
           kim0   <kim0 () phenoelit de>
       Phenoelit (http://www.phenoelit.de)
90C0 969C EC71 01DC 36A0  FBEF 2D72 33C0 77FC CD42


Phenoelit Advisory <wir-haben-auch-mal-was-gefunden #0815 ++-+>

[ Authors ]
        FX              <fx () phenoelit de>
        FtR             <ftr () phenoelit de>

        Phenoelit Group (http://www.phenoelit.de)
        Advisory        http://www.phenoelit.de/stuff/dp-300.txt

[ Affected Products ]
        D-Link
                        DP-300+

        D-Link Bug ID:  Not assigned

[ Vendor communication ]
        07/07/02        Initial Notification
                        *Note-Initial notification by phenoelit
                        includes a cc to cert () cert org by default
        07/19/02        Notification of intent to post public in apx.
                        7 days.


[ Overview ]
        The D-Link Ethernet/Fast Ethernet Print Server DP-300+
        provides network connectivity for printers.
        
[ Description ]
        By sending an oversized POST request to an existing web page such 
        as /Config1.htm, the device web server dies.  A process appears to be 
        listening on the port but will no longer answer requests.  Additionally, 
        the print server reports an uptime of less then one minute after the 
        attack, indicating that the software dies during this time.

[ Example ]
        See above

[ Solution ]
        None known at this time. 

[ end of file ]
Previous By Date Next
Previous By Thread Next

Current thread: