Zyxel Prestige 681 and 1600 (possibly other?) remote DoS

[Przemyslaw Frasunek <venglin () freebsd lublin pl>]

Hello,

Zyxel Prestige 681 SDSL router is vulnerable to *remote* denial of service. 
By sending malformed packets, it is possible to bring down DSL link for few 
minutes. The problem persists only if packets come from DSL interface, not 
from Ethernet. ZyNOS reports that line is synchronizing and it takes about 
2-3 minutes before link is up.

The workaround is to switch off routing and put device in bridging mode. 
Zyxel support has been notified, I won't release details of attack, until 
ZyNOS will be patched.

-- 
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw () frasunek com ** PGP: D48684904685DF43EA93AFA13BE170BF *