Bugtraq mailing list archives
Re: Efficient Networks 5861 DSL Router
From: Andrew Hodgson <andrew () hodgsonfamily org>
Date: Fri, 10 Jan 2003 14:00:07 +0000
On Fri, 10 Jan 2003 11:05:01 -0000, "Greg Bolshaw" <greg () optionsinternet com> wrote:
Product: Efficient Networks 5861 DSL Router http://www.efficient.com/ebz/5800.html Tested version: 5.3.80 (Latest firmware) Advisory date: 10/01/2003 Severity: Moderate Background
[...]
As far as I am aware, the 5861 is the standard router provided to all ADSL business customers in the UK.
From which provider?
Details When using the builtin IP filtering to block incoming TCP SYN flags, a simple portscan to the WAN interface of the router will cause the it to lock up, and eventually restart.
I have confirmed this using the Sygate port scanner found at http://scan.sygate.com. [...]
Solution There is currently no fix for this exploit. I have contacted Efficient Networks to inform them of the problem.
A workarround is to disable the filtering on the router and make sure all unsolicited packets are forwarded to a machine with a capable firewall installed. This is what I am doing in one instance. Andrew. -- Andrew Hodgson, Bromyard, Herefordshire, UK. Email: Andrew () hodgsonfamily org
Current thread:
- Efficient Networks 5861 DSL Router Greg Bolshaw (Jan 10)
- Re: Efficient Networks 5861 DSL Router Andrew Hodgson (Jan 15)