Full Disclosure mailing list archives
Information leakage found in FRITZ!OS 6.83 & 6.80 (AVM DSL Router Fritz!Box 7490) [DTC-A-20170323-001]
From: <CERT () telekom de>
Date: Thu, 17 Oct 2019 07:20:04 +0000
Deutsche Telekom CERT Advisory [DTC-A-20170323-001] Summary: CVE-2017-8087: Information leakage found in FRITZ!OS 6.83 & 6.80 (AVM DSL Router Fritz!Box 7490) Recommendation: Update to the newest Version of FRITZ!OS Details: a) application b) problem c) CVSS d) detailed description e) credits ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- ---------------------------- a) FRITZ!OS 6.83 & 6.80 (AVM DSL Router Fritz!Box 7490) b) Memory leakage within the PPPoE/PPP padding c) 4.7 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/RL:U d) Multiple DSL access router (aka Homegateway / CPE) handle PPPoE frame padding incorrectly. Instead of padding frames with zeroes, frames are padded with random memory, allowing an attacker (with physical access to wire between PPPoE endpoints) to view slices of previously transmitted packets or portions of kernel memory. This seems to be similar to http://www.securiteam.com/securitynews/5BP01208UO.html. AVM DSL Router Fritz!Box 7490 (tested with FRITZ!OS 6.83 & 6.80) sends portion of memory within PPPoE Discovery protocol PADT frames because arbitrary memory is used in the padding to reach the minimum Ethernet frame length. Further research shows that short PPP LCP frames are also padded with random memory. e) Christian Kagerhuber Mit freundlichen Grüßen / Kind regards, Deutsche Telekom CERT T-SYSTEMS INTERNATIONAL GMBH Telekom Security Cyber Defense Reponse E-Mail: <mailto:cert () telekom de> cert () telekom de PGP: <https://www.telekom.com/de/verantwortung/datenschutz-und-datensicherheit/si cherheit/sicherheit/rfc-2350-deutsche-telekom-cert-342710> 0xA8FF58B4 You can find the compulsory statement on: <http://www.t-systems.com/compulsory-statement> www.t-systems.com/compulsory-statement
Attachment:
smime.p7s
Description:
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Information leakage found in FRITZ!OS 6.83 & 6.80 (AVM DSL Router Fritz!Box 7490) [DTC-A-20170323-001] CERT (Oct 18)