Zyxel Router Zynos SMB 数据处理 拒绝服务漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1112490 漏洞类型 其他
发布时间 2007-03-20 更新时间 2007-03-27
CVE编号 CVE-2007-1586 CNNVD-ID CNNVD-200703-501
漏洞平台 Hardware CVSS评分 7.8
|漏洞来源
https://www.exploit-db.com/exploits/29767
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200703-501
|漏洞详情
ZynOS3.40版本允许远程攻击者借助SMBMailSlotProtocol,发送一个对name\M的请求,引起拒绝服务攻击(链接重新开始)。
|漏洞EXP
source: http://www.securityfocus.com/bid/23061/info

Zyxel Routers running the ZynOS operating system are prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected device, denying further network service to legitimate users.

This issue affects Zyxel routers running ZynOS version 3.40. 

sr(SMBMailSlot(name='\\M'))
|参考资料

来源:BID
名称:23061
链接:http://www.securityfocus.com/bid/23061
来源:BUGTRAQ
名称:20070319ZynOSv3.40Onepacketkiller
链接:http://www.securityfocus.com/archive/1/archive/1/463238/100/0/threaded
来源:SECTRACK
名称:1017795
链接:http://securitytracker.com/id?1017795
来源:OSVDB
名称:34522
链接:http://osvdb.org/34522