ID
VAR-200612-0787
TITLE
D-LINK DWL-2000AP + Remote Denial of Service Vulnerability
Trust: 0.6
DESCRIPTION
D-LINK DWL-2000AP + is a popular wireless access router. DWL-2000AP + has a vulnerability in processing a large number of ARP requests, and remote attackers may use this vulnerability to cause the device to malfunction. D-LINK DWL-2000AP + did not properly handle the arp flood, resulting in two denial of service vulnerabilities. If an attacker can send a large number of arp replies at a high speed through a wired connection or broadcast, it will cause the wireless connection (802.11) to be reset and the arp table rebuilt, and all clients connected to the AP will be disconnected. The second vulnerability only affects wireless connections. If there are no other D-LINK Ethernet products in the AP range and wep encryption is enabled, an attacker can broadcast a large number of arp requests through a wireless connection at high speed, causing a denial of service. This attack works only 90% of the time, because APs can sometimes ban the client that sent the flood before completing the attack.
Trust: 0.6
IOT TAXONOMY
| category: | ['IoT'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | none | model: | - | scope: | - | version: | - | Trust: 0.6 |
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2006-9031 | Trust: 0.6 |
SOURCES
| db: | CNVD | id: | CNVD-2006-9031 |
LAST UPDATE DATE
2022-05-04T09:41:08.155000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2006-9031 | date: | 2006-12-12T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2006-9031 | date: | 2006-12-11T00:00:00 |