NetComm NB1300 Malformed Ping Saturation DoS

2005-03-25T07:40:48
ID OSVDB:15088
Type osvdb
Reporter Chris Rock (chris@kustodian.com)
Modified 2005-03-25T07:40:48

Description

Vulnerability Description

Netcomm NB1300 DSL Modem contains a flaw that may allow a remote denial of service. The issue is triggered when flooding the WAN interface with large ICMP ECHO requests, and will result in loss of service availability for legitimate users.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: place the IP address 192.168.1.254 (ensure no device behind the Netcomm uses that IP address) into the NB1300's 'DMZ Host' field. This option is located under the 'Misc Config' page of the Management Console. With this setting, the Netcomm device forwards the malformed packets to a fictitious address, which mitigates the issue.

Manual Testing Notes

ping -l 65500 -w 0 -t <IP of DSL Modem>

Open 3 new shells (cmd windows) and paste the command in again. Kill the shells and send a normal ping to the device: it no longer responds until it is rebooted.
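
For detection, the following added example (not part of the original advisory) flags sources that send bursts of oversized, fragmented ICMP echo requests in a packet capture taken upstream of the modem. The function names, the 8000-byte size threshold, the rate of 5 datagrams per second and the sample addresses are assumptions chosen for illustration.

```python
import struct
from collections import defaultdict

ICMP, ECHO_REQUEST = 1, 8

def parse_ipv4(pkt):
    """Return (src, ident, fragment byte offset, payload) for an IPv4 ICMP packet, else None."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != ICMP:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    total_len, ident, flags_frag = struct.unpack("!HHH", pkt[2:8])
    if ihl < 20 or total_len < ihl or len(pkt) < total_len:
        return None
    return ".".join(map(str, pkt[12:16])), ident, (flags_frag & 0x1FFF) * 8, pkt[ihl:total_len]

def large_echo_flood_sources(packets, min_size=8000, min_count=5, window=1.0):
    """Sources sending >= min_count oversized echo requests within `window` s (assumed thresholds)."""
    first_seen = {}              # (src, ident) -> time the echo request's first fragment arrived
    size = defaultdict(int)      # (src, ident) -> reassembled ICMP length implied by fragments
    for ts, raw in packets:      # packets: iterable of (timestamp, raw IPv4 bytes)
        parsed = parse_ipv4(raw)
        if parsed is None:
            continue
        src, ident, offset, payload = parsed
        size[src, ident] = max(size[src, ident], offset + len(payload))
        if offset == 0 and payload and payload[0] == ECHO_REQUEST:
            first_seen[src, ident] = ts
    stamps = defaultdict(list)
    for (src, ident), ts in first_seen.items():
        if size[src, ident] >= min_size:
            stamps[src].append(ts)
    flagged = []
    for src, ts_list in stamps.items():
        ts_list.sort()
        if any(ts_list[i + min_count - 1] - ts_list[i] <= window
               for i in range(len(ts_list) - min_count + 1)):
            flagged.append(src)
    return sorted(flagged)

def build_fragments(src, ident, icmp_len, mtu=1500):
    """Constructed sample input: IPv4 fragments of one ICMP echo request of icmp_len bytes."""
    data = bytes([ECHO_REQUEST, 0]) + bytes(icmp_len - 2)    # checksums left zero, not validated
    step = (mtu - 20) // 8 * 8
    addrs = bytes(map(int, src.split("."))) + bytes([192, 0, 2, 1])   # dst: documentation address
    for off in range(0, icmp_len, step):
        chunk = data[off:off + step]
        frag_field = (0x2000 if off + step < icmp_len else 0) | (off // 8)
        yield struct.pack("!BBHHHBBH8s", 0x45, 0, 20 + len(chunk), ident, frag_field,
                          64, ICMP, 0, addrs) + chunk
```

The 16-bit IP identification field wraps during a long flood, so run the check over short capture slices.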

References:

Vendor URL: http://www.netcomm.com.au/ADSL/adsl.php#NB1300
Secunia Advisory ID: 14731
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-03/0436.html
ISS X-Force ID: 19837
CVE-2005-0895
Bugtraq ID: 12901