Bugtraq mailing list archives

Re: Make The Netopia R9100 Router To Crash

From: Rob Tashjian <rwt () NETOPIA COM>
Date: Wed, 24 Jan 2001 07:42:45 -0800

Well, had you bothered to contact Netopia first, (what!, you didn't!
shame on you!), you would have found that the problem has been
resolved for some time now.  The version of firmware against which
you are reporting this problem (4.6) is close to a year old.  The
current version of firmware is 4.8.2, or two feature releases and a
number of bug fixes removed.  Please upgrade to 4.8.2.

In the future, you should report security problems to
    security () netopia com
or call Netopia Tech Support and have the problem logged so that
it can either be fixed, or as in this case, you can be directed to
upgrade your firmware.

rwt

ps.  Whose router do you have passwords to anyhow:^?  And why
are you trying to delete the logs:^?
---
Robert Tashjian
rwt () netopia com
----- Original Message -----
From: "Julien Henry" <nyc1660 () FREESURF FR>
To: <BUGTRAQ () SECURITYFOCUS COM>
Sent: Tuesday, January 23, 2001 1:59 PM
Subject: Make The Netopia R9100 Router To Crash

This post will be short because it does not need a lot
of explanation. This is in a really specific case.

If you have the password of the router and if you are
logged to it you will not be able to delete all the traces.
The router logs the connection and the disconnection
of telnet sessions. If you want to delete the
connection from the logs you just have to delete
them. But if you want to delete the disconnection log
you can't.

The only way to do that is to make it crash. Just use
the telnet program which is inside the router. Try to
make a connection from the IP of the router to the IP
of the router. It will crash it, as a consequence, you
will NOT be logged ! In the log you only see things like
that :

01/24/01 01:01:15 --BOOT: Warm start v4.6 ----
01/24/01 01:01:10 * EXCEPTION: A6: 12F6890, A7:
12F67DC
01/24/01 01:01:10 * EXCEPTION: A4: 0, A5: 124B474
01/24/01 01:01:10 * EXCEPTION: A2: 125F9AC, A3: 0
01/24/01 01:01:10 * EXCEPTION: A0: 125F9D8, A1: 0
01/24/01 01:01:10 * EXCEPTION: D6: 0, D7:
C1FB0028
01/24/01 01:01:10 * EXCEPTION: D4: 0, D5: 0
01/24/01 01:01:10 * EXCEPTION: D2: 0, D3: 0
01/24/01 01:01:10 * EXCEPTION: D0: 0, D1: 6
01/24/01 01:01:10 * EXCEPTION: BERR SF
SP+$10: 10845AE, SP+$14: E0045
01/24/01 01:01:10 * EXCEPTION: BERR SF
SP+$08: 83A, SP+$0C: FFFFF9AC
01/24/01 01:01:10 * EXCEPTION: PC: 10845AE, SR:
2004, F/V: C008

Current thread:

Make The Netopia R9100 Router To Crash Julien Henry (Jan 23)
- Re: Make The Netopia R9100 Router To Crash Rob Tashjian (Jan 24)