Penetration Testing mailing list archives
Motorola SBV5120 Exploit
From: Cristian Stoica <security () netcms biz>
Date: Mon, 13 Feb 2006 17:09:15 +0200
Hi,I've did some tests( DoS ) with cable modems and I've notice the following problem: running nmap on the management ip address of the cable modem resulted into a response of the modem of about 3-5 s not ms and the network behind the modem was unable to use the internet. I've used no special options for nmap, simply running nmap ip_address had that result. I've tested with Scientific Atlanta, Thomson, RCA modems and none reacted that way. I think that this is an easy DoS for Motorola cable modems, that can be started from inside the network also aginst the ip 192.168.100.1 ( the standard management ip address for docsis cable modems ).
Anyone else had this problem ?Beside restricting access to the vlan with the management address is there any other things that can be done ?
Best regards, Cristian Stoica ------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Motorola SBV5120 Exploit Cristian Stoica (Feb 13)