|
Netgear RP114 URL Filtering Bypass and Denial of Service
|
|
Secunia Advisory:
|
SA11698
|
|
|
Release Date:
|
2004-05-25
|
|
Last Update:
|
2005-12-13
|
|
Popularity:
|
8,931 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Security Bypass
DoS
|
|
Where:
|
From local network
|
|
Solution Status:
|
Unpatched
|
|
| OS: | Netgear RP114
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Marc Ruef has reported two vulnerabilities in Netgear RP114, which can be exploited by malicious people to cause a DoS (Denial of Service) and bypass the URL filtering functionality.
1) An error within the handling of requested URLs can be exploited to access a website containing filtered keywords by supplying an overly long (about 220 bytes), specially crafted request.
Example where domain name is a filtered keyword:
http://www.[filtered_keyword]/?%20%20%20...[x70]...%20%20%20
2) An error in the handling of multiple connections can be exploited via TCP SYN flooding attacks (more than 740 persistent and half-open connections) to temporary stop routing between the internal and external interface.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
