Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15365
HistoryDec 11, 2006 - 12:00 a.m.

D-LINK DWL-2000AP+ remote DoS

2006-12-1100:00:00
vulners.com
7
JSON

D-LINK DWL-2000AP+ with firmware version 2.11 is prone to two remote denial of service vulnerability
because it fails to handle arp flooding.
The first vuln causes the wireless link (802.11) to be resetted and the arp table to be rebuilded. All
clients connected to the AP are disconnected.
This bug can be triggered by sending lots of arp replies through the wired link or the radio one at a
very high speed.
The second vulnerability affects the wireless link only and are quite harder to trigger but causes the
AP firmware to crash making a manual reboot mandatory.
This bug can be triggered only if no other D-LINK ethernet products are visible to AP, if wep
encryption is enabled and it needs a very large amount of arp-requests to be broadcasted through its
wireless link at a very high speed.
This exploit works in the 90% of cases because sometimes the AP is able to ban the flooding client
before the exploiting process is complete.
D-LINK doesn't support this product anymore so no solution is available.
Other products can be vulnerable.

Not vulnerable: DWL-700AP

Proof-of-concept availale,
it floods an ethernet device with arp-reply or arp-request
http://tripp.dynalias.org/arpflood.c

cheers

-poplix

JSON