[LWN Logo]

Date:         Wed, 20 Oct 1999 19:40:31 +0200
From: Aviram Jenik <aviram@SECURITEAM.COM>
Subject:      DoS in Eicon ISDN Modem is now fixed
To: BUGTRAQ@SECURITYFOCUS.COM

Hi.

Björn Stickler has reported a DoS attack on Eicon ISDN modems. I have a
short update on this matter, which will probably be interesting for Eicon
customers.

A short recap: Björn wrote about a possible Denial-of-Service attack on the
Diva Lan ISDN modem by accessing a certain URL the mode can't handle.
We have contacted Eicon, and they informed us of the following:
1. In the default configuration this attack can only be performed from the
local network, and *not* from the Internet.
2. Eicon has released a new firmware which fixes this issue completely. New
versions of the Diva Lan modem are already shipped with the new firmware,
and current users can download the new firmware from Eicon's web site.

Thumbs up to Eicon for their quick response on this matter.

A description of this problem and correction is available at:
http://www.securiteam.com/exploits/Eicon_s_ISDN_Modem_is_vulnerable_to_a_Den
ial-of-Service_attack.html

-------------------------
Aviram Jenik
SecuriTeam
http://www.securiteam.com