Description: eEye Digital Security has reported a vulnerability in various D-Link routers, which can be exploited by malicious people to compromise a vulnerable network device.
The vulnerability is caused due to a boundary error in the UPnP service when processing "M-SEARCH" requests. This can be exploited to cause a stack-based buffer overflow by sending an "M-SEARCH" request with an overly long string (about 800 bytes) to port 1900/UDP.
Successful exploitation allows execution of arbitrary code.
Solution: Updates are available for download from the D-Link web site.
Provided and/or discovered by: Barnaby Jack, eEye Digital Security.
Changelog: 2006-07-20: Added CVE reference.
2006-08-04: Added link to US-CERT.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.