------------------------------------------------------------------------
* Linksys BEFSR41 Cable/DSL Router Web-Based Administration DoS*


*Vulnerability ID Number:*

0406212

* Overview:*

A vulnerability has been found in the Linksys BEFSR41 Cable/DSL Router
Web-Based Administration.

* Vendor:*

Linksys (http://www.linksys.com <http://www.linksys.com/>)

* Vulnerability/Exploit:*

A user can deny access to the web-based administration by establishing 1
connection to the web-based administration port (80). Until the
connection is closed, the router administrator cannot access the
web-based administration. Note that the router automatically closes the
TCP connection after about ten seconds of inactivity.

* Workaround:*

None so far.

* Date Discovered:*

June 21, 2004

* Severity:*

Medium

* Credit:*

Paul Kurczaba
Kurczaba Associates

Visit http://www.kurczaba.com/mailinglists.htm for mailing lists in
Security, Encryption, Wireless, MS-Security, and Production Security.

 

 

Copyright 2003-2004 Kurczaba Associates