Denial of Service Vulnerabilities in Linksys Routers
Alan McCaig of www.b0f.net reported two local denial of service vulnerabilities in the following models of Linksys routers: Linksys BEFSR41 Linksys BEFSRU31 Linksys BEFSR11 Linksys BEFSX41 Linksys BEFSR81 v2/v3 Linksys BEFW11S4 v3 Linksys BEFW11S4 v4 The threat posed by these vulnerabilities is mitigated somewhat, as they are apparently only exploitable from the LAN side of the router. However, they will leave the device in a deadlocked state requiring a reset to factory defaults to return to working order. If the user has made significant modifications beyond these defaults this would likely be the source of much chagrin. Currently, the only fix is to not randomly click on untrusted links. Format String Vulnerability in Tripwire Paul Herman <pherman@frenchfries.net> released information regarding the mishandling of filenames passed into email reports generated by Tripwire. Although the author states that no exploit currently exists, this information is especially concerning as Tripwire is generally used on machines the administrators would like to maintain a higher-than-normal level of security on. Vulnerable versions are: Tripwire commercial versions <= 2.4 Tripwire open source versions <= 2.3.1 Paul also included a patch for the open source version of Tripwire: Index: src/tripwire/pipedmailmessage.cpp =================================================================== retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- src/tripwire/pipedmailmessage.cpp 21 Jan 2001 00:46:48 -0000 1.1 +++ src/tripwire/pipedmailmessage.cpp 26 May 2004 20:59:15 -0000 1.2 @@ -180,7 +180,7 @@ void cPipedMailMessage::SendString( const TSTRING& s ) { - if( _ftprintf( mpFile, s.c_str() ) < 0 ) + if( _ftprintf( mpFile, "%s", s.c_str() ) < 0 ) { TOSTRINGSTREAM estr; estr << TSS_GetString( cTripwire, tripwire::STR_ERR2_MAIL_MESSAGE_COMMAND ) Users are encouraged to patch or disable email alerting to maintain the integrity of their systems. Cory Altheide Handler on Duty |
Cory Altheide 19 Posts Jun 4th 2004 |
Thread locked Subscribe |
Jun 4th 2004 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!