[VulnWatch] Efficient Networks 5861 DSL Router

2003-01-11T00:00:00
ID SECURITYVULNS:DOC:3971
Type securityvulns
Reporter Securityvulns
Modified 2003-01-11T00:00:00

Description

Product: Efficient Networks 5861 DSL Router http://www.efficient.com/ebz/5800.html Tested version: 5.3.80 (Latest firmware) Advisory date: 10/01/2003 Severity: Moderate

Background

"Efficient Networks® Business Class IDSL, ADSL, or SDSL Routers provide DSL access for up to 100 or more users with robust firewall and optional Secure Virtual Private Network (VPN) capabilities. Efficient Networks® Business Class DSL Routers are Business Contingency Plan ready, with features such as Dial Backup and Virtual Router Redundancy Protocol (VRRP)."

As far as I am aware, the 5861 is the standard router provided to all ADSL business customers in the UK.

Details

When using the builtin IP filtering to block incoming TCP SYN flags, a simple portscan to the WAN interface of the router will cause the it to lock up, and eventually restart.

This has been tested on two different 5861 routers, both running the above firmware version.

Port scanners used were Nmap (Linux) and SuperScan (Windows)

Solution

There is currently no fix for this exploit. I have contacted Efficient Networks to inform them of the problem.