
netgearDG384.txt

Posted Nov 10, 2004
Authored by Dr. Insane

Netgear DG834 is susceptible to a denial of service attack and URL filtering bypass vulnerabilities.

tags | advisory, denial of service, vulnerability
SHA-256 | 5a9f33401454c1dd2cd894c887ab4df056a377c097ac5e4c9d56c45c802d51de

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ DoS Attack & URL filter bypass in Netgear DG834 (HTTP service) +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Release date:
05/11/2004

Product:
Netgear DG834 (Firmware Version: V1.05.00)

Description:
Combines ADSL modem, router, 10/100 LAN switch, and firewall
Shares a single IP address with up to 253 users
Smart Wizard™ Install Assistant detects/connects to your ISP
True Firewall with Stateful Packet Inspection (SPI) & Intrusion Control, Denial of Service (DoS)

All-in-one Gateway for Always-on Broadband Access with Internet Sharing
Four products in one, this multitalented firewall router combines an ADSL modem, router, four-port
10/100 LAN switch, and SPI True Firewall to deliver broadband access that's continuously available
for sharing with all your networked devices. Simple to use, it plugs directly into your ADSL line for
instant connectivity to network resources and the Internet, and an integrated switch lets you directly
connect up to four computers or any combination of four computers, access points or printers. Setup
couldn't be easier: NETGEAR's unique Smart Wizard™ Install Assistant helps to guide you each step
of the way. The Smart Wizard™ also automatically detects and makes the optimal connection to your ISP
while the True Firewall protects your network with business-class security against intruders, including
logs and alerts of break-in attempts. VPN pass-through makes it safe to connect to your business
network from home or office. The unit's contemporary, sleek design suits your home or office, and it's
wall mountable to save valuable desk space. Upgradeable with new enhancements via the Internet.

Secure
True Firewall using Stateful Packet Inspection (SPI) and Intrusion Control features Denial of Service
protection from hacker attacks, while VPN (Virtual Private Network) pass-through permits secure access
to your office or corporate network and enables you to host VPN services. Content filtering lets you
control access to inappropriate web sites and limit usage by time of day. Logs browsing activities and
provides optional e-mail alerts so you can monitor access. DMZ support allows unrestricted access from
the Internet to one computer (for hosting web services).


Details:
Two vulnerabilities have been found in the Netgear DG834.
Issue 1: Administrative web interface denial of service
Issue 2: URL filter bypass

Issue 1:
The first vulnerability can be exploited by malicious people to cause a DoS (Denial of Service).
The issue is caused by an error in the connection handling, which can be exploited to block
legitimate access to the administrative web interface on port 80 by establishing 100 connections.
This prevents further connections from being established. The router has to be restarted manually
for the HTTP service to become functional again.


Issue 2:
The second vulnerability can be exploited by malicious people to bypass the URL filtering functionality,
as blocked hosts are not checked against IP addresses.
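
The gap described in issue 2, as an added example that is not part of the original advisory or of Netgear's firmware: a name-only filter next to one that also compares IP-literal hosts with the addresses of the blocked names. The hostnames, the RFC 5737 addresses and the `resolve` helper are constructed stand-ins for a real blocklist and DNS lookup.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed data: a blocklist and a stand-in for DNS answers
# (RFC 5737 documentation addresses; none of this comes from the advisory).
BLOCKED_HOSTS = {"blocked.example"}
SAMPLE_DNS = {
    "blocked.example": ["192.0.2.10", "192.0.2.11"],
    "allowed.example": ["198.51.100.7"],
}


def resolve(host):
    """Hypothetical resolver; a real filter would query DNS and cache by TTL."""
    return SAMPLE_DNS.get(host, [])


def request_host(url):
    """Host part of the URL, lower-cased, without port or trailing dot."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def name_only_filter(url, blocked=BLOCKED_HOSTS):
    """Behaviour the advisory describes: only the hostname string is compared."""
    return request_host(url) in blocked


def is_blocked(url, blocked=BLOCKED_HOSTS):
    """Name check plus a check of IP-literal hosts against the blocked names' addresses."""
    host = request_host(url)
    if not host:
        return True  # fail closed when no usable host can be extracted
    if host in blocked or any(host.endswith("." + b) for b in blocked):
        return True
    try:
        literal = ipaddress.ip_address(host)
    except ValueError:
        return False  # ordinary hostname that is not on the blocklist
    # Host is an IP literal: compare it with every address of every blocked name.
    blocked_addrs = {ipaddress.ip_address(a) for b in blocked for a in resolve(b)}
    return literal in blocked_addrs
```

Blocking by address also blocks any other site served from the same address, so a deployment has to accept that over-blocking or filter at a layer that sees the requested name.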


Workaround:
issue 1: Allow only trusted IP addresses to connect to administrative interfaces.
issue 2: Use another product for restricting access to specific websites.
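
The issue 1 workaround as an added example (not code from the advisory or from the router): an accept gate for the administrative interface that admits only trusted sources and caps how many of the 100 slots one client can hold. The trusted subnet, the per-source cap and all addresses are assumptions chosen for the illustration.

```python
import ipaddress
from collections import Counter

MAX_TOTAL = 100      # pool size the advisory reports for the admin HTTP service
MAX_PER_SOURCE = 4   # assumed per-client cap, not a Netgear setting
TRUSTED = [ipaddress.ip_network("192.168.0.0/28")]  # assumed admin subnet


class AdminConnGate:
    """Decides whether a new connection to the admin interface gets a slot."""

    def __init__(self, trusted=TRUSTED, max_total=MAX_TOTAL, per_source=MAX_PER_SOURCE):
        self.trusted = trusted
        self.max_total = max_total
        self.per_source = per_source
        self.open_conns = Counter()  # source address -> open connections

    def accept(self, src):
        addr = ipaddress.ip_address(src)
        if not any(addr in net for net in self.trusted):
            return False  # untrusted sources never consume a slot
        if self.open_conns[src] >= self.per_source:
            return False  # one client cannot hold the whole pool
        if sum(self.open_conns.values()) >= self.max_total:
            return False  # pool is genuinely full
        self.open_conns[src] += 1
        return True

    def close(self, src):
        """Release one slot when a connection from src ends."""
        if self.open_conns[src] > 0:
            self.open_conns[src] -= 1


def simulate(attempts):
    """Feed (source, count) connection attempts to a fresh gate; return accepted per source."""
    gate = AdminConnGate()
    accepted = Counter()
    for src, count in attempts:
        for _ in range(count):
            accepted[src] += gate.accept(src)
    return dict(accepted)
```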


Credit:
Dr_insane


Feedback
Please send your comments to: dr_insane@pathfinder.gr




----------------------------------
When dawn breaks, the first sigh
escapes from the most tightly pressed lips
Like a butterfly in the room it flies
searching for an opening to leave.

A new day, a new river
At its mouth it will offer
all that was lost, all that was forgotten
and all that no one knows about.

----------------------------------
Yiannis Pomonis
Uk - Guildford
dr_insane@pathfinder.gr

