Zyxel Router Zynos SMB Data Handling Denial of Service Vulnerability

Bugtraq ID:	23061
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Mar 20 2007 12:00AM
Updated:	Mar 20 2007 11:34PM
Credit:	Joxean Koret is credited with the discovery of this vulnerability
Vulnerable:	ZyXEL ZyNOS 3.40
Not Vulnerable:

Zyxel Router Zynos SMB Data Handling Denial of Service Vulnerability

Zyxel Routers running the ZynOS operating system are prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected device, denying further network service to legitimate users.

This issue affects Zyxel routers running ZynOS version 3.40.

Zyxel Router Zynos SMB Data Handling Denial of Service Vulnerability

Attackers can exploit this issue by using readily available network utilities.

The following proof of concept is available:

sr(SMBMailSlot(name='\\M'))

Zyxel Router Zynos SMB Data Handling Denial of Service Vulnerability

Solution:
Currently, we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please email us at: mailto:[email protected].

Zyxel Router Zynos SMB Data Handling Denial of Service Vulnerability

References:

• Vendor Homepage (ZyXEL)
  
• ZynOS v3.40 One packet killer ([email protected])