ID SECURITYVULNS:DOC:4153 Type securityvulns Reporter Securityvulns Modified 2003-03-03T00:00:00
Description
Hi,
found a bug for possible DoS-Attacks in firmware v2.5 of US Robotics
Broadband-Router 8000A/8000-2 (USR848000A-02). Any computer in the
intranet can produce a DoS-Attack by sending a overlong GET-Request to the
router's built-in webserver.
Can anybody reproduce this bug? Maybe older versions are also vulnerable.
-xti
{"id": "SECURITYVULNS:DOC:4153", "bulletinFamily": "software", "title": "DoS in 'USR848000A-02'", "description": "Hi,\r\nfound a bug for possible DoS-Attacks in firmware v2.5 of US Robotics\r\nBroadband-Router 8000A/8000-2 (USR848000A-02). Any computer in the\r\nintranet can produce a DoS-Attack by sending a overlong GET-Request to the\r\nrouter's built-in webserver.\r\nCan anybody reproduce this bug? Maybe older versions are also vulnerable.\r\n -xti", "published": "2003-03-03T00:00:00", "modified": "2003-03-03T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:4153", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:07", "edition": 1, "viewCount": 1, "enchantments": {"score": {"value": 4.3, "vector": "NONE", "modified": "2018-08-31T11:10:07", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["EULEROS_SA-2020-1498.NASL", "EULEROS_SA-2020-1457.NASL", "EULEROS_SA-2020-1496.NASL", "EULEROS_SA-2020-1477.NASL", "EULEROS_SA-2020-1491.NASL", "EULEROS_SA-2020-1494.NASL", "EULEROS_SA-2020-1483.NASL", "EULEROS_SA-2020-1489.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220201494", "OPENVAS:1361412562311220201431", "OPENVAS:1361412562311220201489", "OPENVAS:1361412562311220201457", "OPENVAS:1361412562311220201477", "OPENVAS:1361412562311220201400", "OPENVAS:1361412562311220201491", "OPENVAS:1361412562311220201476", "OPENVAS:1361412562311220201430", "OPENVAS:1361412562311220201473"]}], "modified": "2018-08-31T11:10:07", "rev": 2}, "vulnersScore": 4.3}, "affectedSoftware": []}
{"rst": [{"lastseen": "2021-01-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **85[.]221.245.54** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **28**.\n First seen: 2020-12-25T03:00:00, Last seen: 2021-01-22T03:00:00.\n IOC tags: **generic**.\nASN 13110: (First IP 85.221.128.0, Last IP 85.221.255.255).\nASN Name \"INEAAS\" and Organisation \"\".\nASN hosts 1395 domains.\nGEO IP information: City \"Poznan\", Country \"Poland\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-25T00:00:00", "id": "RST:4A8D9560-4153-39E2-B65F-D7F318DEFB6E", "href": "", "published": "2021-01-23T00:00:00", "title": "RST Threat feed. IOC: 85.221.245.54", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **182[.]38.113.46** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-22T03:00:00.\n IOC tags: **generic**.\nASN 4134: (First IP 182.32.0.0, Last IP 182.41.255.255).\nASN Name \"CHINANETBACKBONE\" and Organisation \"No31Jinrong Street\".\nASN hosts 1178566 domains.\nGEO IP information: City \"Huancuilou\", Country \"China\".\nIOC could be a **False Positive** (Cloud provider IP).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:0023D136-4153-3E90-A339-CDD61B992157", "href": "", "published": "2021-01-23T00:00:00", "title": "RST Threat feed. IOC: 182.38.113.46", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **45[.]226.48.57** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **20**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-22T03:00:00.\n IOC tags: **generic**.\nASN 267015: (First IP 45.226.48.0, Last IP 45.226.51.255).\nASN Name \"ESADINET\" and Organisation \"EMPRESA DE SERVICOS ADM DE ITUBERA LTD\".\nASN hosts 2 domains.\nGEO IP information: City \"Camamu\", Country \"Brazil\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:48CD9572-4153-3B49-9420-5B8207989663", "href": "", "published": "2021-01-23T00:00:00", "title": "RST Threat feed. IOC: 45.226.48.57", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **outlookhelpline[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **20**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-22T03:00:00.\n IOC tags: **generic**.\nWhois:\n Created: 2020-07-04 15:36:18, \n Registrar: NameCheap Inc, \n Registrant: unknown.\nIOC could be a **False Positive** (Domain not resolved, but Whois records found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:C0C0BB80-4153-30F1-8F24-18A71EDE4821", "href": "", "published": "2021-01-23T00:00:00", "title": "RST Threat feed. IOC: outlookhelpline.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **bzq-84-109-32-112[.]red.bezeqint.net** in [RST Threat Feed](https://rstcloud.net/profeed) with score **22**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-22T03:00:00.\n IOC tags: **generic**.\nDomain has DNS A records: 84[.]109.32.112\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:2FF7281E-4153-31D5-B0EB-1E3F4FF61AFF", "href": "", "published": "2021-01-23T00:00:00", "title": "RST Threat feed. IOC: bzq-84-109-32-112.red.bezeqint.net", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **outlooklive[.]info** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-22T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:C8AFF482-4153-3CD9-840E-99D610885590", "href": "", "published": "2021-01-23T00:00:00", "title": "RST Threat feed. IOC: outlooklive.info", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **cersaie17tileofspain[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-22T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:6B460132-4153-344B-A345-EBC9F64F8210", "href": "", "published": "2021-01-23T00:00:00", "title": "RST Threat feed. IOC: cersaie17tileofspain.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **numberium[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **22**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-22T03:00:00.\n IOC tags: **generic**.\nDomain has DNS A records: 184[.]168.131.241\nWhois:\n Created: 2019-03-19 18:44:44, \n Registrar: Go France Domains LLC, \n Registrant: unknown.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:B3623A5C-4153-3031-94D9-7FF8FEF3A574", "href": "", "published": "2021-01-23T00:00:00", "title": "RST Threat feed. IOC: numberium.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-22T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **searchsheet[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **22**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-22T03:00:00.\n IOC tags: **generic**.\nDomain has DNS A records: 202[.]12.27.33,198.41.0.4,192.33.4.12,192.203.230.10\nWhois:\n Created: 2017-07-15 18:34:40, \n Registrar: Abovecom Pty Ltd, \n Registrant: unknown.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:2F9E843C-4153-35D3-92E0-5641BE7C01A0", "href": "", "published": "2021-01-23T00:00:00", "title": "RST Threat feed. IOC: searchsheet.com", "type": "rst", "cvss": {}}, {"lastseen": "2021-01-21T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **lecast[.]ru** in [RST Threat Feed](https://rstcloud.net/profeed) with score **23**.\n First seen: 2020-12-22T03:00:00, Last seen: 2021-01-21T03:00:00.\n IOC tags: **generic**.\nDomain has DNS A records: 87[.]236.16.21\nWhois:\n Created: 2017-04-23 15:59:39, \n Registrar: REGRURU, \n Registrant: Private Person.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-22T00:00:00", "id": "RST:5B410513-4153-310C-B211-53C049BC3FEB", "href": "", "published": "2021-01-22T00:00:00", "title": "RST Threat feed. IOC: lecast.ru", "type": "rst", "cvss": {}}]}
