Published:2011/10/28 Last Updated:2011/10/28
JVN#72640744
Multiple D-Link products vulnerable to buffer overflow
Overview
Multiple D-Link products contain a buffer overflow vulnerability.
Products Affected
- DES-3800 series firmware prior to R4.50B052
- DWL-2100AP firmware prior to 2.50RC548
- DWL-3200AP firmware prior to 2.55RC549
Description
Multiple D-Link products contain a buffer overflow vulnerability due to a SSH implementation issue.
Impact
A remote attacker may cause a denial of service (DoS) or execute arbitrary code.
Solution
Update the Firmware
Update to the latest version of firmware according to the information provided by the developer.
Apply a workaround
The following workaround may mitigate the affects of this vulnerability.
- Disable the SSH function
Vendor Status
| Vendor | Link |
| D-Link Japan | DL-VU2011-001 "vulnerability in the SSH function" (Japanese only) |
| Top page (Japanese only) |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Analyzed on 2011.10.31
| Measures | Conditions | Severity |
|---|---|---|
| Access Required | can be attacked over the Internet using packets |
|
| Authentication | anonymous or no authentication (IP addresses do not count) |
|
| User Interaction Required | the vulnerability can be exploited without an honest user taking any action |
|
| Exploit Complexity | some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls) |
|
Credit
Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2011-3992 |
| JVN iPedia |
JVNDB-2011-000092 |