Linksys BOOTP Remote Memory Information Disclosure

2004-05-22T19:08:10
ID OSVDB:6325
Type osvdb
Reporter Jon Hart(warchild@spoofed.org)
Modified 2004-05-22T19:08:10

Description

Vulnerability Description

Linksys BEFSR41 and BEFW11S4 Routers contain a flaw that may allow an unauthorized information disclosure. The issue is triggered due to an error within the integrated DHCP server when handling BOOTP packets, which could be exploited by an malicious user to cause the device to crash, resulting in a router memory disclosure and loss of confidentiality.

Solution Description

Upgrade to version V1 1.45.11, V2 2.45.10, V3 2.50.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Linksys BEFSR41 and BEFW11S4 Routers contain a flaw that may allow an unauthorized information disclosure. The issue is triggered due to an error within the integrated DHCP server when handling BOOTP packets, which could be exploited by an malicious user to cause the device to crash, resulting in a router memory disclosure and loss of confidentiality.

References:

Vendor URL: http://www.linksys.com Vendor Specific Solution URL: http://www.linksys.com/download/vertxt/befsr81v2_ver.txt Secunia Advisory ID:11606 ISS X-Force ID: 16142 Generic Informational URL: http://www.theinquirer.net/?article=16298 Generic Exploit URL: http://packetstormsecurity.nl/0405-exploits/linksys-dhcp-exploit.c Bugtraq ID: 10329