Re: SMC Router Denial of Service exploit

[Ranjeet Shetye <ranjeet.shetye2 () zultys com>]

On Mon, 2003-09-29 at 13:13, Claus A wrote:
> Hi
>
> > Tested on an SMC2404WBR - BarricadeT Turbo 11/22 Mbps Wireless Cable/DSL
> > Broadband Router.
>
> I ve just tested this code against my SMC 2404WBR. Firmware Version 1.0.10.
> But it didnt work.
>
> I saw a lot of UDP & ICMP on the air, but I could access the AP all the
> time. Slower as normal but there was still a connection. As stopping the
> attack after ~ 10 min everything was just normal.
>
> > Sending a stream of UDP random packets to multiple ports 0-65000 on the
> > router will cause the router to freeze until a soft reset is performed on
> > it.
>
> I ran the attack against the wireless port.
> Perhaps it only works on the WAN Port?
>
> Greets
> Claus

Can confirm DoS weakness in SMC 7004VWBR on WAN side.

Traffic = large loads of UDP and/or ICMP traffic on WAN side.
Stateful Packet Inspection is ON.
Firmware = v1.23 (Part No. 720.638)

(This information pertains to my home network and is unrelated to my
employer Zultys.)

-- 

Ranjeet Shetye
Senior Software Engineer
Zultys Technologies
Ranjeet dot Shetye2 at Zultys dot com
http://www.zultys.com/
 
The views, opinions, and judgements expressed in this message are solely
those of the author. The message contents have not been reviewed or
approved by Zultys.