Date: Fri, 5 May 2000 16:56:56 -0800 From: cassius@HUSHMAIL.COM Subject: Cayman 3220-H DSL Router DOS To: BUGTRAQ@SECURITYFOCUS.COM -[ Cayman 3220-H DSL Router DOS ]- [ Intro ] Simple DOS attack against Cayman 3220-H DSL Router. This message has been copied to Cayman. [ Description ] Large username or password strings sent to the Cayman HTTP admin interface restart the router. Router log will show "restart not in response to admin command". [ Tested Versions ] Hardware: Cayman-DSL Model 3220-H, DMT-ADSL (Alcatel) plus 4-port hub Software: GatorSurf version 5.3.0 (build R1) GatorSurf version 5.3.0 (build R2) GatorSurf version 5.5.0 (build R0) <most recent version> [ Exploit ] Open URL for router admin interface in your browser. Username: ...................(x79 or more) After router restarts (10 seconds) hit refresh on your browser if you want to down it again. If you want to be lame you could code this to keep a router down all day long. - email@example.com IMPORTANT NOTICE: If you are not using HushMail, this message could have been read easily by the many people who have access to your open personal email messages. Get your FREE, totally secure email address at http://www.hushmail.com.