BugTraq,

This has been submitted to CERT as well. Here is the form I sent to them:

CONTACT INFORMATION
===============================================================================
Let us know who you are:

 Name                    : Omkhar Arasaratnam
 E-mail                  : omkhar@ca.ibm.com
 Phone / fax             : 416.991.1301/416.383.3316
 Affiliation and address : IBM Canada Ltd.

Have you reported this to the vendor? yes

If so, please let us know whom you've contacted:

 Date of your report     : 12/26/2001
 Vendor contact name     : Paul Marino
 Vendor contact phone    : 408-907-8085
 Vendor contact e-mail   : paul.marino@netgear.com
 Vendor reference number : 20485470

If not, we encourage you to do so--vendors need to hear about
vulnerabilities from you as a customer.

POLICY INFO
===============================================================================
We encourage communication between vendors and their customers. When
we forward a report to the vendor, we include the reporter's name and
contact information unless you let us know otherwise.

If you want this report to remain anonymous, please check here:

___ Do not release my identity to your vendor contact.

TECHNICAL INFO
===============================================================================
If there is a CERT Vulnerability tracking number please put it
here (otherwise leave blank): VU#______.

Please describe the vulnerability.
---------------------------------
This vulnerability is in regards to the Netgear RP114 router/NAT. This is a
simple solution that allows home users to share their cable modem / DSL
connection. One of the features of this NAT is port filtering. If the router
is told to drop all packets < 1024, and the WAN port is port scanned, the
router will lock. This has been demonstrated on several occasions to Netgear
engineering using nmap.

What is the impact of this vulnerability?
----------------------------------------
For the duration of the scan, no inbound/outbound traffic through the WAN
port.

To your knowledge is the vulnerability currently being exploited?
----------------------------------------------------------------
no

If there is an exploitation script available, please include it here.
--------------------------------------------------------------------
n/a

Do you know what systems and/or configurations are vulnerable?
-------------------------------------------------------------
Any customer who has this router attached to a cable modem / DSL modem in a
similar configuration.

 System          : RP-114
 OS version      : 3.26 (firmware)
 Verified/Guessed: Verified, may also happen without port filtering configured.

Are you aware of any workarounds and/or fixes for this vulnerability?
--------------------------------------------------------------------
no

OTHER INFORMATION
===============================================================================
Is there anything else you would like to tell us?

Netgear support has not been very co-operative thus far.