Info

Disclosure

Dec 14, 2001

Discovery

Unknown

Dates

Exploit

Dec 14, 2001

Solution

Unknown

Description

ZyXel Prestige 681 series DSL routers contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a fragmented packet with a length of greater than 64KB after reassembly, and will result in loss of availability for the device.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Available
OSVDB: Web Related

Solution

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Turn off routing and put device in bridging mode

Products

ZyXEL Communications Corporation

Prestige

681

References

Bugtraq ID: 3711
Related OSVDB ID: 9980
ISS X-Force ID: 7723
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-12/0140.html
http://archives.neohapsis.com/archives/bugtraq/2001-12/0190.html
CVE ID: 2001-1194 (see also: NVD)
Vendor URL: http://www.zyxel.com/

Credit

Przemyslaw Frasunek - venglinfreebsd.lublin.pl - Przemyslaw Frasunek

Direct URL: http://osvdb.org/36218