TITLE:
Linksys BEFVP41 IP Option Length Denial of Service

SECUNIA ADVISORY ID:
SA18461

VERIFY ADVISORY:
http://secunia.com/advisories/18461/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
>From local network

OPERATING SYSTEM:
Linksys BEF series routers
http://secunia.com/product/685/

DESCRIPTION:
Paul has reported a vulnerability in Linksys BEFVP41, which can be
exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the handling of
specially crafted IP packets with the IP option length set to zero.
This can be exploited to crash the device by sending a packet from
the internal network to an external system.

The vulnerability has been reported in version 2.0 with firmware
revision 1.01.04.

SOLUTION:
Use the device on trusted networks only.

PROVIDED AND/OR DISCOVERED BY:
Paul

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------