Date: Tue, 23 May 2000 16:48:25 -0800 From: cassius@HUSHMAIL.COM Subject: Cayman 3220H DSL Router Software Update and New Bonus Attack To: BUGTRAQ@SECURITYFOCUS.COM Cayman 3220H DSL Router Software Update and New Bonus Attack Cayman has released a new software image (version 5.5.0 build r1) to fix the DoS attack I reported a couple weeks ago. Details on the attack can be found here -> http://www.securityfocus.com/vdb/bottom.html?vid=1219 You can get the new software image here --> ftp://www.cayman.com/pub/gatorsurf/3220/c8a550R1.COS Unfortunately I found another attack right about the same time they notified me about the software update. Versions 5.5 Build R0, 5.3 Build R2, 5.3 Build R1, probably all other versions and the latest update are vulnerable to ping of death attacks. Vendor has been notified. Exploit: ping -t -l 65500 victim.example.com All replies will say "Request timed out." Send it some normal pings too. When you get time outs from normal sized pings the attack should be done. I have had all kinds of different results from this. Sometimes it stops telnet and http admin services. Other times the services stay up but the router restarts without routing. If the router survives just keep hammering it. It will eventually hose in one way or another. -Cassius IMPORTANT NOTICE: If you are not using HushMail, this message could have been read easily by the many people who have access to your open personal email messages. Get your FREE, totally secure email address at http://www.hushmail.com.