ZyXEL Prestige 642R malformed TCP packet denial of service
| zyxel-tcp-packet-dos (9372) |  Low Risk |
Description:
The ZyXEL Prestige 642R router is vulnerable to a denial of service attack. A remote attacker can send a TCP packet with the SYN and ACK flags set to block services on the router. If a TCP packet with the SYN and FIN flags are set, services on the router would become inaccessible for a short period of time.
Note: Services affected by this vulnerability include Telnet, FTP, and DHCP.
Platforms Affected:
- ZyXEL, Prestige 342R
Remedy:
No remedy available as of June 27, 2009.
Consequences:
Denial of Service
References:
- BugTraq Mailing List, Mon Jun 17 2002 - 07:59:11 CDT, ZyXEL 642R(-11) AJ.6 SYN-ACK, SYN-FIN DoS at http://archives.neohapsis.com/archives/bugtraq/2002-06/0170.html.
- BugTraq Mailing List, Mon Jun 17 2002 - 12:47:27 CDT, Re: ZyXEL 642R(-11) AJ.6 SYN-ACK, SYN-FIN DoS -- 643R testing at http://archives.neohapsis.com/archives/bugtraq/2002-06/0186.html.
- BugTraq Mailing List, Mon Jun 17 2002 - 13:09:41 CDT, Follow: ZyXEL 642R-11 AJ.6 service DoS -- additional informations at http://archives.neohapsis.com/archives/bugtraq/2002-06/0184.html.
- BID-5034: Zyxel Prestige 642R Malformed Packet Denial Of Service Vulnerability
- CVE-2002-1071: ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set.
Reported:
Jun 17, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net