netgear router exploits

Post by xalted »

I have no clue where this actually belongs, so maybe here is safe?

There's currently an exploit that allows a public message to throw every Netgear router user offline.. It works on several models, and some routers that arne't even Netgear. Ok, fine, so if some moron pastes it in a small channel and someone disconnects, that's a shame, but a wicked botnet or even a couple spam bots pasting it could create utter chaos, especially on bigger channels.

The exploit only seems to work if the user connects to the ircd using the "noraml" irc ports, so for example another network opened port 8001 as a woraround.

No, there is no patch yet, and it's not specifically a problem with undernet ircd servers or even clients themselves. It does however effect a very large number of users, and I've tested the exploit on myself on Undernet, so I do know it works here.

I have no idea if it would be feasible to grep/filter output, that would probably cause an enormous server load. And many users might not even be aware of the problem yet, but there are sites showing the line or lines that can be pasted to perform the exploit, so yes, some bot master script kiddie will sooner or later add the line to their spam messages.

No, I'm not going to post the exploit here, that would just be dumb. And like I said, I'm not sure what can be done about it, but the exploit is at least worth mentioning so that people are aware of it.

Post by Mitko »

As far as I can see this is Netgear's fault. It's users should complain to it's company, no ?
Post by panchyee »

How to troubleshoot for a linksys router that won't connect to the internet? The linksys router is wrt54g. I pulled the internet cable out of the router a few weeks ago and put it directly into the computer, and have been using wired internet since. Now, I want to use my laptop in other parts of the house again, but I cannot connect to the internet. The computer can connect to the wireless itself, but the router is aparently not receiving the internet or not sending it to the computer.

Post by xplora »

for linksys try asking Linksys or Cisco
Post by kbrown5523 »

I did a quick search and there's plenty of information available on this subject. I agree that it's a netgear issue.
