Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1067

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1067
Last Modified 05 Sep 2008 05:00:57
Published 07 Mar 2006 05:06:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1067

Summary

Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value.

Vulnerable Systems


References

BUGTRAQ - 20060306 RE: linksys router + irc DoS

BUGTRAQ - 20060303 linksys router + irc DoS

BUGTRAQ - 20060304 Various router DoS

BUGTRAQ - 20060306 Re: linksys router + irc DoS

MISC - http://www.hm2k.org/news/1141413208.html

XF - multiple-vendor-dccsend-dos(25230)

BID - 16954


Last Updated: 27 May 2016 10:41:54