US Robotics Wireless Turbo Router HTTP GET buffer overflow
| usrobotics-wireless-get-bo (16860) |  High Risk |
Description:
US Robotics Wireless Turbo Router is vulnerable to a buffer overflow in the embedded Web server. By sending a specially-crafted HTTP GET request to an affected router, a remote attacker could overflow a buffer and cause the device to crash or possibly execute arbitrary code to gain complete control over the router.
Platforms Affected:
- USRobotics, USR808054 1.21h
Remedy:
No remedy available as of July 4, 2009.
Consequences:
Gain Access
References:
- BugTraq Mailing List, Mon Aug 02 2004 - 00:09:44 CDT , 7a69Adv#13 - USRobotics AP Wireless Denial of Service at http://archives.neohapsis.com/archives/bugtraq/2004-08/0009.html.
- BID-10840: U.S. Robotics USR808054 Wireless Access Point Web Administration Denial Of Service Vulnerability
- CVE-2004-1706: The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via an HTTP GET request with a long version string.
- SA12207: U.S. Robotics Wireless Access Point Denial of Service
Reported:
Aug 02, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net