<<< Date Index >>>     <<< Thread Index >>>

Zyxel Prestige 681 SDSL router information leak



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

Zyxel P681 with ZyNOS S/W Version: Vt020225a | 2/25/2002 installed leaks
random portions of memory in ARP requests:

21:47:05.709295 arp who-has x.x.x.x tell x.x.x.x
0x0000   0001 0800 0604 0001 00a0 c526 3cc1 xxxx        ................
0x0010   xxxx 0000 0000 0000 xxxx xxxx 0a48 6f73        .............Hos
0x0020   743a 3233 392e 3235 352e 3235 352e             t:239.255.255.

and after telnet login, packets contains fragments of session!

21:48:24.804384 arp who-has x.x.x.x tell x.x.x.x
0x0000   0001 0800 0604 0001 00a0 c526 3cc1 xxxx        ................
0x0010   xxxx 0000 0000 0000 xxxx xxxx 5b32 323b        ............[22;
0x0020   3439 4833 392e 3235 352e 3235 352e             49H39.255.255.

21:50:34.537114 arp who-has x.x.x.x tell x.x.x.x
0x0000   0001 0800 0604 0001 00a0 c526 3cc1 xxxx        ................
0x0010   xxxx 0000 0000 0000 xxxx xxxx 4849 6e66        ............HInf
0x0020   6f72 6d61 7469 6f6e 1b5b 363b 3439             ormation.[6;49

21:51:00.175642 arp who-has x.x.x.x tell x.x.x.x
0x0000   0001 0800 0604 0001 00a0 c526 3cc1 xxxx        ................
0x0010   xxxx 0000 0000 0000 xxxx xxxx 3333 4856        ............33HV
0x0020   6572 7369 6f6e 3a35 352e 3235 352e             ersion:55.255.

21:52:01.542252 arp who-has x.x.x.x tell x.x.x.x
0x0000   0001 0800 0604 0001 00a0 c526 3cc1 xxxx        ................
0x0010   xxxx 0000 0000 0000 xxxx xxxx 3b33 3748        ............;37H
0x0020   6f72 1b5b 3231 3b34 3048 5245 5455             or.[21;40HRETU


- --
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NICHDL: PMF9-RIPE *
* JID: venglin@xxxxxxxxxxxxxxx ** PGP ID: 2578FCAD ** HAM-RADIO: SQ8JIV *
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBRfuHkxEnBiV4/K0RAtXYAKCjA/6gHjDH8tEoESOC/Xql00+ZhQCgtVFx
PP96Pg8gPC4KHb7dXWLDpXU=
=sUX9
-----END PGP SIGNATURE-----