Buffalo WBR-G54 (Firmware 1.30) is not vulnerable. It answers with "bad request" and the http server continues working without problems. ---- clip --- [stnz@starship stnz]# nc 192.168.11.1 80 GET HTTP/1.0 400 Bad Request Server: micro_httpd Date: Tue, 01 Jan 2002 06:04:15 GMT Content-Type: text/html Connection: close <HTML><HEAD><TITLE></TITLE><meta http-equiv="Pragma" content="no-cache"></HEAD> <BODY BGCOLOR="#FFFFFF"> Can't parse request. ---- clip --- - Ystävällisin terveisin/Best Regards Turun Tietokeskus Oy/Eerik Kiskonen Tekninen asiantuntija/Technical specialist Satakunnantie 110, 20320 TURKU, Finland Direct. +358-2-273 4244 Fax. +358-2-273 4220 E-mail: eerik.kiskonen@toptronics.fi Web. http://www.turuntietokeskus.fi Michael Renzmann <security@dylanic.de> 04.12.2003 06:33 To: test@techcentric.net cc: bugtraq@securityfocus.com Subject: Re: Linksys WRT54G Denial of Service Vulnerability Hi all. test@techcentric.net wrote: > Linksys WRT54G Denial of Service Vulnerability There are some devices out there that are technically identical to the WRT54G (for example the Buffalo WBR-G54). Can anyone confirm whether they share this issue? Bye, Mike
