Re: Efficient Networks 5861 DSL Router

[Andrew Hodgson <andrew () hodgsonfamily org>]

On Fri, 10 Jan 2003 11:05:01 -0000, "Greg Bolshaw"
<greg () optionsinternet com> wrote:

> Product:               Efficient Networks 5861 DSL Router
>                       http://www.efficient.com/ebz/5800.html
> Tested version:        5.3.80 (Latest firmware)
> Advisory date: 10/01/2003
> Severity:              Moderate
>
> Background
[...]
> As far as I am aware, the 5861 is the standard router provided to all ADSL
> business customers in the UK.

From which provider?
> Details
>
> When using the builtin IP filtering to block incoming TCP SYN flags, a
> simple portscan to the WAN interface of the router will cause the it to lock
> up, and eventually restart.

I have confirmed this using the Sygate port scanner found at
http://scan.sygate.com.

[...]

> Solution
>
> There is currently no fix for this exploit.  I have contacted Efficient
> Networks to inform them of the problem.

A workarround is to disable the filtering on the router and make sure
all unsolicited packets are forwarded to a machine with a capable
firewall installed.  This is what I am doing in one instance.

Andrew.
-- 
Andrew Hodgson, Bromyard, Herefordshire, UK.
Email: Andrew () hodgsonfamily org