Multiple D-Link Routers UPNP Buffer Overflow Vulnerability

2006-07-17T00:00:00
ID EDB-ID:28230
Type exploitdb
Reporter Barnaby Jack
Modified 2006-07-17T00:00:00

Description

Multiple D-Link Routers UPNP Buffer Overflow Vulnerability. CVE-2006-3687. Dos exploit for hardware platform

                                        
                                            source: http://www.securityfocus.com/bid/19006/info

D-Link wired and wireless routers are prone to a buffer-overflow vulnerability because these devices fail to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Successful exploits can allow remote attackers to execute arbitrary machine code in the context of the affected device.

Attackers can exploit this issue by sending a request of the form:

M-SEARCH <800 byte string> HTTP/1.0

to UDP port 1900.