Bugtraq mailing list archives
Re: DoS in Flowpoint 2000 DSL routers
From: tom () HOOKED NET (Tom)
Date: Tue, 11 Aug 1998 22:09:43 -0700
On Tue, 11 Aug 1998 20:35:20 PDT, Jason Ackley writes:
Hello, Quick Overview: There exists a DoS in Flowpoint's (A)DSL 2000 router ('fp2k') running software rev 1.2.3 (anyone have other revs to test?) Lil Backgrounder: Flowpoint builds the routers and distributes them through various OEMs and VARs, one that I know of is Diamond Lane Commuications, so if you have a DSL router its best to take a peak at it real quick(tm). Basically its not much bigger than a modem, has six blinky lights on the front. Vendor Status: I informed Flowpoint of this problem on Fri May 29, Flowpoint responded on Mon Jun 1 with a fix and an apology for not responding to me sooner! Quick Service!
My biggest gripe with fp2000 was the unrestricted "read only" access to telnet and snmp ports. FP has been very responsive to customer feedback and v1.4.3 supports access lists. There was also a nasty memory leak in earlier versions that would cause the router to die for no apparant reason, they granted access to a beta version that fixed it some time ago. Looks like 1.43 will only take X chars. Escape character is '^]'. FlowPoint/2000 ADSL Router v1.4.3 Ready
login dfljsdlfjsdkfjsdlkffffffffffffsdlkfjlksdfjlwrejfopiwjflksfdslkfjsdlkfjsdlkfjdslkfjdslkfjdslfjsdlkfjsdlkfjdslfjdslkflkfslkfjsdlkfsdlkfsdlkfdslkfsdlkjfsdlkfjsdlkfslkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfjsdlkfjsdlkfjsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkfsdlkjfsdlkfjsdlkjfdsjflksdflksdfsldkfsldkfsdlkfjsdlkfdslkfdslkfjsdlkfjsdlkjfsdljforewirjweruweurpweurpwewefwlkfjwelfhjewpirewpfpweofpwekfpwekfpwejfpwjfowefjwefwejfipwejfwejpfwjepfwejpfwejfpwejfpwejfpwejfpwefpweofpwefpowejfwpeijfwpejfpwejfwepfjwepfjwepfjwepfjwepfjwepfjewpfjwepfjwepfwejpfjewpfwejpfwejfpwejfpwefjwpejfwepfjwepfjwepfwjepfjwepfwejpfwjepfwejfpwejfpwefjwpefjwepfjwepfjwepfewjpfwejpfwejfpwefjpewjfwepfjwpefjwpefjpwfjwepfjwepfjwepfjwepjfwepfjwepfjwepfjwepfjwepfjwepfwjefpwejfpewjfpwejfpwejfpwejfpwejfpwejfwepfwepjfwpejfpwejfwpejfewpjfpwefpwejfpewjfpwejfpwejfpwejfpwefjweksdlkjfpwepweiwoip;dsfjg;jpogjrepojreipewrut083475034503459534907340957-043-68458607034750j4rejtlkrejtlkerwjrepitjre0u43-0u-0jrptjepo34ujt0934t4jpj!
34pjtrepoitj4309ru0wtj43pjew0irjt Wrong password! Try logging in again.
-- Tom Jansen - Sysadmin GST - Whole Earth Networks mknod /dev/spam c 2 2 ; chmod 666 /dev/spam ; echo " >/dev/spam" > ~/.forward
Current thread:
- Re: Eudora executes (Java) URL John D. Hardin (Aug 10)
- <Possible follow-ups>
- Re: Eudora executes (Java) URL Dominique Unruh (Aug 11)
- Re: Eudora executes (Java) URL Vitiello, Eric (Aug 11)
- Re: Eudora executes (Java) URL James Wetterau (Aug 11)
- Re: Eudora executes (Java) URL Alec Kosky (Aug 11)
- Re: Eudora executes (Java) URL John D. Hardin (Aug 11)
- Cisco IOS software security notice security-alert () cisco com (Aug 12)
- Re: Eudora executes (Java) URL High Tide (Aug 12)
- Re: RotoRouter 1.0 - Traceroute log & fake Julian Assange (Aug 11)
- DoS in Flowpoint 2000 DSL routers Jason Ackley (Aug 11)
- Re: DoS in Flowpoint 2000 DSL routers Tom (Aug 11)
- Re: DoS in Flowpoint 2000 DSL routers Jason Ackley (Aug 12)
- Linux 2.1.115 oops (demo and fix) Duncan Simpson (Aug 13)
- Re: Linux 2.1.115 oops (demo and fix) Chris Wedgwood (Aug 13)
- [rootshell] Security Bulletin #22 DeadSock (Aug 14)
- Linux 2.1.115 devpts bug improved fix Duncan Simpson (Aug 13)