Bugtraq mailing list archives

DoS Exploit in Eicon Diehl LAN ISDN Modem

From: courier () ONLINE DE (Björn Stickler)
Date: Sun, 26 Sep 1999 12:53:26 +0200


i recently found a security bug in the diva lan isdn modem that shuts down
the modem (fault led on).
all you have to do is type the following location in your browser:
http://diva/login.htm?password=0123456789012345678901234567890123456789
where diva is the name of your modem or the ip-address.
after that, the modem is locked until you do a hard reset.
i think itÂ´s a buffer overflow of the password length which probably
overwrites the eip adress.
regards
BjÃ¶rn Stickler

PS: i informed Eicon Diehl about that bug already

Current thread:

SCO 5.0.5 /bin/doctor nightmare Brock Tellier (Sep 08)
- Several ActiveX Buffer Overruns Shane Hird (Sep 23)
- Re: QMS2060 security hole Frank Bures (Sep 24)
- [Announce] mutt-1.0pre3 is out / security fix. Thomas Roessler (Sep 25)
- DoS Exploit in Eicon Diehl LAN ISDN Modem Björn Stickler (Sep 26)