Thomas, I have a DI-614+ that I use at home and I have noticed a significant number spontaneous reboots lately. A few weeks ago, I installed the beta firmware of Dlink's website thinking that that would solve the issue but that did not work either. I have not run any scanner on my device just every now and then my wireless pcmcia card will lose connectivity. I even swapped out the card thinking that that was the cause but that did not take care of it. I will try to run the scans you mentioned to reproduce the problem. Please let me know if you discover anything else and hopefully we can get D-link to acknowledge the vulnerability and come up with a solution. I look forward to hearing from you. Thanks, Rick Rick Koenig, CCNA, CCAI Network Engineer Concordia University @ Austin (Office) 512.486.1170 (Cell) 512.771.6570 (Fax) 512.302.5856 koenigr@concordia.edu -----Original Message----- From: Thomas Reinke [mailto:reinke@e-softinc.com] Sent: Wednesday, March 26, 2003 4:46 PM To: bugtraq@securityfocus.com Subject: D-Link DI-614 wiresless router crash/reboots A user of ours has reported that the D-Link DI-614+ Wireless router/firewall is vulnerable to several old, well known vulnerablities. The user was able to reproduce the problem multiple times with consistent results. Not having the equipment, we have NOT reproduced these ourselves, and would appreciate if anyone can corroborate these problems. The vendor was notified on March 13th and has not responded back. Both tests causing problems were reproduced using the Nessus test suite. Test IDs are Nessus test ID numbers and are supplied for reference. Nestea: A Nestea attack applied to the device causes the device to spontaneously reboot. The device is out of operation for only a few seconds and is then back in service with no other known impact. Ref: http://www.securityspace.com/smysecure/catid.html?id=10148 Linux 0 length fragment bug: Sending the appropriate packet causes the device to crash requiring a power off-on cycle to recover. Ref: http://www.securityspace.com/smysecure/catid.html?id=10134 If anyone can support that their device does or does not behave similarly it would be appreciated. Thomas -- SecuritySpace http://www.securityspace.com
