4-Port Cable/DSL Gateway Router incorrectly reports the IP source address of internal requests

belkin-incorrect-ip (9324) The risk level is classified as MediumMedium Risk

Description:

The Belkin F5D5230-4 Cable/DSL Gateway Router incorrectly reports the source IP address if a request is made to a network server from within the network. This allows an attacker from within the internal network to perform malicious activity without being detected because the attacker's IP address would be reported as the IP address of the router.


Consequences:

Bypass Security

Remedy:

No remedy available as of July 1, 2014.

References:

  • Belkin Web site: Welcome to Belkin.
  • BugTraq Mailing List, Sun Jun 09 2002 - 17:17:04 CDT: Problem with IP reporting - Belkin Cable/DSL router.
  • BID-4982: Belkin F5D5230-4 Router Internal Web Traffic Origin Obfuscation Vulnerability
  • CVE-2002-1431: Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to access the web server.
  • OSVDB ID: 10062: Belkin F5D5230-4 Router Remote Access IP Concealment

Platforms Affected:

  • Belkin F5D5230-4

Reported:

Jun 09, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page