Enterprise Networking - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Enterprise Networking


Popular Linksys Router Vulnerable to Attack



 By: Dennis Fisher
2002-11-01
Article Rating:starstarstarstarstar / 1


There are 0 user comments on this Enterprise Networking story.


Rate This Article:
Poor Best
The Linksys Group's BEFSR41 EtherFast Cable/DSL Router with 4-Port Switch is vulnerable to a remote DoS attack.

A denial-of-service vulnerability in one of the most popular cable and DSL routers allows an attacker to crash the router from a remote location.

The Linksys Group Inc.s BEFSR41 EtherFast Cable/DSL Router with 4-Port Switch is vulnerable to a remote DoS attack that requires the attacker to do nothing more than access a specific script on the routers remote management interface. The vulnerability affects all of the routers with firmware versions earlier than 1.42.7.

There is no patch available for the problem at this point, but firmaware version 1.43 fixes the problem.

Resource Library:
In order to exploit the vulnerability, an attacker would simply need to access the Gozilla.cgi script using the routers IP address with no arguments. As long as the routers remote management interface is enabled, the attacker simply needs to craft a URL that looks like this—http://192.168.1.1/Gozilla.cgi?—and send it to the router, which would then crash, according to an advisory published Friday by iDefense Inc., a security firm based in Chantilly, Va.

"Exploitation may be particularly dangerous, especially if the routers remote management capability is enabled," the advisory said. "An attacker can trivially crash the router by directing the URL…to its external interface."

In many cases, there is no reason for the remote management interface to be enabled and disabling it serves as an easy defense against this problem.

Linksys officials on Wednesday responded to the vulnerability report, saying that they were aware of the problem and recommend that all users leave the remote management interface disabled, which is the default setting.

Linksys routers are used by many home workers to split broadband connections among several computers.

A message on a security mailing list Friday from Mark Litchfield of Next Generation Security Software Ltd. suggested that routers and wireless access points from D-Link Systems Inc., and Linksys access points are also vulnerable to a DoS condition.

(Editors Note: This story has been updated since its original posting to include Linksys response.)



  Reader Comments: Popular Linksys Router Vulnerable to Attack
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Enterprise Networking Articles          >>> More By Dennis Fisher
 


x}r8s;iW1ŋzeK5e[KUEB!)Խ~fMZlUm@"oH$?'I"nZΘ\̦dwꚃ>CK$B}NUQR C7_/(bP<HwO7n[c^0R?`᳙*,Q  tjGt0]2xֵ;k:&oweki cߨ_[``1\|TA!j :iݓ ۴^$1qHh] ]( Ѽ$pm<"Q}# QTwn3 w2 X]~D4!ڮq8]b'*#O^3j `㥨H aP`\ 9t} ^ G&lw"QcO$ӡp̢JKAtf>D>8z v v}JJ73ҧ }KH;R@}ky>5I i1E 94cT$ie8D7|2XpiG?j95O?I܃N8CYnհ}= :ԍ|$ .j.s&,U-M ͻ ϡdRrhXdQ}9e, 4a[]ѡlwGZ.h5E9*U+x`9ؖ3l*sN3.irpٻ_H C[w5-ZI;t{>~l_\[r   o$& jDTV+Rh& Rc@G${/@BKoVS7B-%MюR;2,fϷ3+i*H,ǝq%?ZWM&M}X6&ZjCA/]?#{ˠjq{ں}\=rڽ!IɝN4p3 Zʿ~'^=:$~<=`kh`cRV>¯H ?'Om2 Rdt"˭~yA X(-t[WRH3}c#FX*,>Ja͢4-I` o$SE@;- u 0 +:YK7BS_?g}p a6z@Lt\ QCלش 6,%hyf4Ջ,}Yt"Fͩ8 .+J"b^3 ɋE94>BzBp4/;SjZi};Ni|NQ}ѦM>8BݘXI70i+OݺzN^TŞ*LК0#GA 6]LR}t qPhS0|wL-)0(-JC=ˋF` VGPC!nH }P(V|`{ >[S9{ݲeǀԜu`Hd˕N ] #RRR$S]Pv9DB B!B0 HV(V쎄~ .t@G҅;vjvn {TKh+K@f:32YIFMf힟 X*ȉ#o"09X -gZ Xk%Ƽ ri|:ioB{4 0suY,$MXb IK$%\EwT-::熳~Lh?wܰHz}O  +Zsƾ :ˋj|X#DfB7 ƉeLH|EpL2j}笳5LUXw!t3tTkyӏϞS ۀ}Q1R5i5);m9w\Лv!s9n! xW.Y 2gxRUyQtʝ+PXY3V7\YYbʞT᧒qH1g0d0{V@q=1S7RtZC+>q^i.;[Oe]Zr{Q^ӛA'~.MB[+ҞYE9&ےx A-ʘƗZZ"JP>VL"Cɧ8$&le2LE?in Px\{8`O=0\Re࿚ȄmmjeMѪ; ʸAaJg ` &*d ?q=kGn'ztqu3$0TNc}2 7q- SO5,FfF-  o _%t?:P[=z,.K i{y]ؕRB|zn P[QHz{=cTfla8lX||ݛtļZF_@iTWJIUӨckLĽf2,rGmAuF֝9BQ>-L.-g \\jpj ZLpsAqA0,]y.ʿwVV0\n}єa˘;|qףu6$K~IQ*)xkMf9oLq3 g4dHڸ/|P"58zx@*&ODBR --UŨN=) =gw`qTR=OqP%УGii}~هF9C!߭0Pqw"jTUlcCjzVUov (͂)3G  *|}>@W&ޯXfi^: -w~m^Z39X>>: '012&z-Cv0 ʌJ?#4ByQipw\pRk } S# 3}&mno^F{y<۝Erzm2D8z.0JdmؙY%<@j1m94c~E-0>OiXLFbT~\3gbסڳn22󓫻玾vPFpA IǸ}w3On~Uc|m,,n1ya%[Ŵ(n<0{L3wJ>6 inh`dmhAE+->Q#2!b(n'U@wJYTJ`zEZ9y HǞ1]]2Y1i}SU}Дю"eƬ}/Q Umq'.҄^K]T1)V,&v}j;뿌2KGɭTSV8<V6~Z/Ѓ`I##gȊ@G?F^n!ȍڽv?!IzG|)탨U&CUiZe%%~!WVI#Ǹ"ZAX_dL5AKgl!/`.Q(S/hT}Z.)+ia/ ~ dwm PG c-BwEj @ +o3{Kqm'ϱK{&u̟tS6dU:&iZIRk“pӁ9tGl~"ڊtģ%h2)dnQ==׵![^H?ws~́n02N l(U5ml[-W+wc"iqC` ~Y-ç,Dr_.ekR-T8J3Ay' 2vBq]6ps^ar0qq8(-E491=qhZavOT+*_3 cS7vvן(5AE6vk_% ?S-Ѝ 8FgMX1BNsE])V4}ڽKŧC<d^G #^^A1v keο hqoR!)XԼ?~jIY]fya:F&vB, H oHvI!^>juΤm}ڏ<.odhq^ 8͛ΕI{OU[J:^9"Q!5/:gW, Y#B\7ȧͦ5fpRbA ԃs 3^z0LQ‴5!,{jpbjNZ _k-W'7(aFp6Y;²VXHE`&|S*VktzcE9,{B*/Y9DC `E/ԩ #ADrIGzZFijV{DG$1^o(o%?Oů1OkwtAx[(ktNz<\1[iNju>!94tYAG$K }c]Zqm}z{H&iR'D[3pq*lKhwBlb%hղoeW!؁Cp0 š!l QڕCr^TAUbݩc3cE)vwR6x}y9b1 ݞne)ܱr0jw操~;Oj9vЛS}NԢnLq;Z9z} H{O{,˜j8;_坠PzFTrk]O}V7]mYv@uSOf 95C/r°e}ۨ+=lGt?vOJow{ѧmE tȳV* 14XH!Hnm X"2gNIJa'>d2 ,f} x3rT?.#ziҒ916onQ;-ԃz4ݷGP%(>Q.=]f+wQ{]x͞wYiYU9.r\-"n'Z^ཤ|HW90)=E$/Af} mD.Ekg[D:*tcxO||ngZ~‡i<&Kmm`1 \q}}QȻb۴mr&k߸S ML0V Y?{k<ҲRIsJ}w/L>/t8aNbb [6a;]jO_9CSi%Wޮ8W" RA0 j%$lH¦59({ c0N[j5%G iD @i[ai<k O)j%5#rwb9+LRӳ^fE&@SI/oEhR*:d&\;fn5nkq%: .grR)?߃ȫwdy NRZ!t'jQP)*`L.h8`@'B A )πi_\|." l37$ u$$rJMZ.ùt 0E Chl8.9,eX"X!:O, $C8$r mSsL*lBDDcW6sbk{B- P,lH=)PKQMrf$CQ>0q&`%y;~;Z 7$Q73nH^6]HU7X@VZ߰jg<Ĝ5r 7ȗ9 `nI6t;x#pQoY3 "aIl,ZH&zYjth0<4.T!ow*:S^uՓN0ytZ?|Ï @& 2!Eׂz/dCګuR:6|B\P oW S\'˄Le88 2˦/#cp!g߸U+oѸ:H߮'urәmK@ 1e!N@Xeb/|-ݷ?>ƣU0{M08P!ْuȍ!V2B`G"Aa"of0x؛iw WwFzdmR'm0$jTX#MU ]6yz@'XCIwa}ExEDy>ۿ]{B޶%vn߅9|æR뺤(za|xƆH6pcÊ_'an(_GLiYvMKd*-B#rg~GFr/>T2eU<ĝ٦vBa[7٪B8f~s8& 8$0K%ȖhhlWey|N=ZtJ]kQ ïXz(5k[Qx0tHZY]vޒvZvgWQ|_g ^FGʹ)k zm%.⛽M/%ArO|k nfN\"&u^x{BΡ6k?1CZ_xm&]$v?ha+M6-1N1ŋT__<@VE[6ө{O+eX -}-&ϲ)3tiAm Aȼ3KԬE5:&VJE:`ѿQF+┱faeO'%3_eWI5P"OKK)zrM@{)]Mw-E ~#d^"6Z&>W-I fL *`ad=IEIq*)Zbp6]?rEcmbvn61]\1-~7ⵥ݃~OeS9x`g~i=2݀i*k+H +sO9'hFe!;Ohl :A^TPAfXt~GD)( K#M*b m0D~7꤯L7~6F{`NݦL&YX#J;*ǝ5Ō%} J8+O|dQ?ިBx8j } g{{[=$]"<=evˏ;"(?(F]{F9-0$ %~;&.z~E v G2C"(l7hFhX|Ae~rmb?ė:}MXDrvVzBYmӶO]YLa!-(-qaIzEP&$ }9QmEMm&^ 0kQ49(&lRK!'q/+4ۏAE&Lj3KC9Fm.93͒EˉtMSs95dU*j~Ar)XZR,w9[do0Bք0:XtL'f|QkʑTH5i3kG~g5̈Gbv ]mz^CʰJ[7r5S.W@O[fkwq)NehnVuC[wVĞܐmQNa~c,/mwo,.tJv[H@#īZSe԰p-| Y?*ªFifZZGZI)JȋP^Cs2]+5Mj}r`&[ˁU}l?R#7+.8`E2jɣv#OF<2rY/*uߞze K5) >[S0q rO}K[\JP`o2ɿ ,91ǖC0ۏUKztײc0}&1J  Įv^a  kd4̉INWDnJ2\k˙D~j $Z$u-u{ sđ62#=_XYrR~".^ah˪ZM<+. b1q2 @\wtc0@$=j3?b)l:,}+ |#$#oDYABnL~9jMh%MfikxSŧS?cʘC B^*j@ϳjNT]OpY}XC3 L^^RVSvrE*h3;mRlϦ!~<17߄QT1EG :ᛒWZ-%GLJ/tX3/b3-Ѩ#Y>I%12K= o 9pb XdZ`Oi$}b s"vFf!FT1 0`m \mozaG3e9ޟFc>'죇L(~'LuE) 2u 1T"aK9. q[V?fC.7,M}S< l  \ZP4e6_zUO9PJƈ\吟Ð3{KŰDŴ c 4Q?cMNVE< ,iMPs6@א0H4aloQII!w `0װÞ16=/Hg6Ch{cs9zKqE҃PbٿJFK@}t]\P"@H>S|??­!~ةR)Qw30^Jofp0"(3[]ă0>]wqw&+W!5,= 1YG7`C[UEY|obp ?va!us x\fJԎN>@<P 4'<(W7,Xzob @p),f,ԪRD&uMu]j9u^] YQf/ǯ\iJdR. ?$@F쌆=xɾx t0 c3B's7c'rڽ!MrznއM^E+a[+M|폺UwO'OM_hZ>hbv>4m^+Lxte$ANmf(NTlSg̥,%Ew">oʁ~osڿi6ҺNr7sy S89B8^yWa uuS~9@yJ͡ ,cs\) Sҿw2~62A\t[u CFW\=o /dmOu^k8&Vaq_l _xi +{IyHGW4:<)~byeï?+))wOƻϝ)mGsu5nRr-XѧV{5_9x=U26C{":^QUb>$FFkVjfcB&Hy1nCg6'[u}Mz`MTBN$pf6RK$C^,~(W1܇f&1PAjT} =qΘ]Q<́ё:)xT״} J\~ܑJnxTGD\1-1&Q5YUdF*j堼_,)g /(@#غw7Mz${C7":dsRL s+ҷH!'\Hx'.2ԫ2dofE߰aw8a+h;00a@"b'^{z=8QY0`FF.dЬ!%cv[F8̭6г F`&8҄dYBDӼhbӣyh)ıPrO?gb+S7r{Hτ[4CSʲ%uk5>:~ sfw6a ƘSCM In_!x@Erb|{ dgΐ X.42gGQDpaw./' ] V\/vH&EF\=rmS!`5q*&[c靯0 n'B0~rQ>t zCcjd1Ik +c͙P<bIFlFyrBu;ݙɲ8B S@eO8>cc>mTώ;]95 巢QgэIœj@@zƶ3x oY019.L:.dGN*Ia yF˟41`&nϘ ˙}fu=@p6칸9D$~gIkv=%$Id`-܁90t^ ]ɡ;gij@'rIy`_GBb + L:B2,%؉GД0A ~Â圲#,zHTPsHOmM\-n\{&<[u1rD3 (Q"q}(R!1FQs$J+KESXnA}F53௚B㙸zz^yul, )_HS0^ R [Q¹T6v˽VAoL33Y,> V_vO}%B+*π UZl#rYʱߞR DOQ[ |IK:AߎKd/-YoˊcLt(&7T:.~ko\*$CbG$] "v"_Sahl/ypI>)n9asD:>Am{~/[v2 S*4%)gO?6o'[nG\k<>biEPL.c{< Cr ⁜0қ>^c *|?Ge Mt8͡okn>ʷq$LsizQڃ`kL\-  `ꆈM6M֧2R8WĻ 1)۱YJAł<Vgf;[Map"cQ#*^x9NAmӕhO੬J(̛ m+~HױQĶ`: +mKbA<\n2?>%i3|@ =( of4^`y%K@$4{ qS`whwq#1tVBR(atAL?U1?cm'nJQXƺi#¶u4meщ&o߉n^sQa[O_&gpx:Y}#s!?²LjHlf^^ktiE) aavXVju񪞝T7 r̳?s7*Ѡ,j{' l5mEgl(3W'~ѕ;7 D^R꧰a9TUd%r R⊋+4>SVrlǝlr n!%c]%.MvbecMZ*