Overclock.net › Forums › Industry News › Hardware News › [Ars] ‘90s-style security flaw puts “millions” of routers at risk
New Posts  All Forums:Forum Nav:

[Ars] ‘90s-style security flaw puts “millions” of routers at risk

post #1 of 24
Thread Starter 
Quote:

A security firm has found that a Linux kernel driver called NetUSB contains an amateurish error that can be exploited by hackers to remotely compromise any device running the driver. The driver is commonly found in home routers, and while some offer the ability to disable it, others do not appear to do so.

 

NetUSB is developed by Taiwanese company KCodes. The purpose of the driver is to allow PCs and Macs to connect to USB devices over a network, so that these devices can be shared just by plugging them into a Wi-Fi router or similar. To do this, a driver is needed at each end; a client driver on the PC or Mac, and a server driver on the router itself.

 

This router-side driver listens to connections on TCP port 20005, and it's this driver that contains a major security flaw. SEC Consult Vulnerability Lab, which publicised the problem, discovered that the Linux driver contains a simple buffer overflow. As part of the communication between client and server, the client sends the name of the client computer; if this name is longer than 64 bytes, the buffer overflows. The company says that this overflow can be exploited to enable both denial of service (crashing the router), and remote code execution.

 

Source

 

Security Advisory

 

Check the "Vulnerable / tested versions" section in the security advisory, to see if your router is listed. The list isn't 100% complete, but it should help you get started.

 

Options/workarounds are to wait for a firmware update, switch to a custom firmware that isn't vulnerable, purchase a new router, or disable NetUSB.

post #2 of 24
Jokes on them, I use a dumbswitch biggrin.gif
AMD
(13 items)
 
Intel
(7 items)
 
Home Server
(11 items)
 
CPUMotherboardGraphicsGraphics
AMD FX-8350 Asus M5A99FX Pro MSI Radeon R9-280x MSI Radeon R9-280x 
RAMHard DriveOptical DriveCooling
Crucial Ballistics 8GB DDR3 Cruical MX100 128GB SSD Samsung DVD-RW Cooler Master Hyper Evo 212 
OSMonitorKeyboardPower
Windows 10 Technical Preview Philips 55PFS6909/12 Logitech MX3200 Chieftec 750W 
Mouse
Khaos Limited Edition 
CPUMotherboardGraphicsRAM
Intel Core i5-4200U ACER BA50 AMD HD8750M 4GB DDR3 
Hard DriveOSMonitor
750GB HDD Windows 10 TP 15,6" 
CPUCPUMotherboardGraphics
AMD Opteron 2373EE AMD Opteron 2373EE Dell Socket Fr5 XGI® Z9s with 32MB DDRII VRAM 
RAMHard DriveOptical DriveCooling
32GB DDRII ECC 1TB HDD 7200rpm N/A Passive 
OSPowerCase
Ubuntu Server 600W Dell PowerEdge CS24-NV7 
  hide details  
Reply
AMD
(13 items)
 
Intel
(7 items)
 
Home Server
(11 items)
 
CPUMotherboardGraphicsGraphics
AMD FX-8350 Asus M5A99FX Pro MSI Radeon R9-280x MSI Radeon R9-280x 
RAMHard DriveOptical DriveCooling
Crucial Ballistics 8GB DDR3 Cruical MX100 128GB SSD Samsung DVD-RW Cooler Master Hyper Evo 212 
OSMonitorKeyboardPower
Windows 10 Technical Preview Philips 55PFS6909/12 Logitech MX3200 Chieftec 750W 
Mouse
Khaos Limited Edition 
CPUMotherboardGraphicsRAM
Intel Core i5-4200U ACER BA50 AMD HD8750M 4GB DDR3 
Hard DriveOSMonitor
750GB HDD Windows 10 TP 15,6" 
CPUCPUMotherboardGraphics
AMD Opteron 2373EE AMD Opteron 2373EE Dell Socket Fr5 XGI® Z9s with 32MB DDRII VRAM 
RAMHard DriveOptical DriveCooling
32GB DDRII ECC 1TB HDD 7200rpm N/A Passive 
OSPowerCase
Ubuntu Server 600W Dell PowerEdge CS24-NV7 
  hide details  
Reply
post #3 of 24
How do you even miss bounds checking in kernel code...
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #4 of 24
Thread Starter 
Quote:
Originally Posted by tompsonn View Post

How do you even miss bounds checking in kernel code...

 

By delegating the development and maintenance to freshmen? :p

post #5 of 24
I use tomato firmwire with asus router, didnt find any NetUSB settings, am i safe?
post #6 of 24
Why everytime I read something along these lines I'm quite sure that Cisco won't be on the list?
post #7 of 24
Come at my FritzBox thumb.gif!
 
QUEEN OF BLADES
(15 items)
 
ASUS U6Sg
(15 items)
 
CPUMotherboardGraphicsRAM
I7 920 REV D0@4.2 HT Asus Rampage II Extreme CFX: ASUS R9 270X DCUII 6GB DDR3 XMP CL6 TRIDENT 
Hard DriveOptical DriveCoolingOS
Vertex 2 180 GB+RAID 0 2 * 1 TB SAMSUNG Sony Optiarc Labelflash Thermalright Venoumous X W7 X64 Ultimate RETAIL 
MonitorKeyboardPowerCase
Dell U2410 IPS Logitech Corsair CMPSU-850TX Antec 1200 
MouseMouse PadAudio
Logitech HAMA Xonar STX / Auzen Forte 
CPUMotherboardGraphicsRAM
XEON 5650X @4.45 GHz  Rampage III Formula PCGH CFX: ASUS R9 280X DCUII 16GB G-SKILL CL9@ 1643 MHz 
Hard DriveOptical DriveCoolingOS
1x 850 Pro 256 GB + 1xWD 500 GB + 2x3TB WD RED Plextor PX-L89OSA Thermalright VX W10 X64 Ultimate RETAIL 
MonitorKeyboardPowerCase
ACER B203W Razer Deathstalker Corsair CMPSU-750TX Antec 902 
MouseMouse PadAudio
Logitech G800S Logitech Gaming  Creative Titanium HD + FiiO E17 
CPUMotherboardGraphicsRAM
Intel Core 2 Duo : T8300 Asus U6000Sg Series Notebook NVIDIA 9300 GS 4GB Kingston CL4 
Hard DriveOptical DriveCoolingOS
Hitachi Ultrastar Asus POS Stock Asus with MX3 W7 x64 Ultimate RETAIL 
MonitorAudio
Asus 12.1 " LED Creative X-Fi EX54 
  hide details  
Reply
 
QUEEN OF BLADES
(15 items)
 
ASUS U6Sg
(15 items)
 
CPUMotherboardGraphicsRAM
I7 920 REV D0@4.2 HT Asus Rampage II Extreme CFX: ASUS R9 270X DCUII 6GB DDR3 XMP CL6 TRIDENT 
Hard DriveOptical DriveCoolingOS
Vertex 2 180 GB+RAID 0 2 * 1 TB SAMSUNG Sony Optiarc Labelflash Thermalright Venoumous X W7 X64 Ultimate RETAIL 
MonitorKeyboardPowerCase
Dell U2410 IPS Logitech Corsair CMPSU-850TX Antec 1200 
MouseMouse PadAudio
Logitech HAMA Xonar STX / Auzen Forte 
CPUMotherboardGraphicsRAM
XEON 5650X @4.45 GHz  Rampage III Formula PCGH CFX: ASUS R9 280X DCUII 16GB G-SKILL CL9@ 1643 MHz 
Hard DriveOptical DriveCoolingOS
1x 850 Pro 256 GB + 1xWD 500 GB + 2x3TB WD RED Plextor PX-L89OSA Thermalright VX W10 X64 Ultimate RETAIL 
MonitorKeyboardPowerCase
ACER B203W Razer Deathstalker Corsair CMPSU-750TX Antec 902 
MouseMouse PadAudio
Logitech G800S Logitech Gaming  Creative Titanium HD + FiiO E17 
CPUMotherboardGraphicsRAM
Intel Core 2 Duo : T8300 Asus U6000Sg Series Notebook NVIDIA 9300 GS 4GB Kingston CL4 
Hard DriveOptical DriveCoolingOS
Hitachi Ultrastar Asus POS Stock Asus with MX3 W7 x64 Ultimate RETAIL 
MonitorAudio
Asus 12.1 " LED Creative X-Fi EX54 
  hide details  
Reply
post #8 of 24
Quote:
Originally Posted by Imouto View Post

Why everytime I read something along these lines I'm quite sure that Cisco won't be on the list?

Because Cisco have routers for routing, not for USB sharing.
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #9 of 24
Quote:
Originally Posted by tompsonn View Post

Because Cisco have routers for routing, not for USB sharing.

I said that when a security flaw surfaces Cisco isn't usually on the list.
post #10 of 24
Quote:
Originally Posted by Imouto View Post

Why everytime I read something along these lines I'm quite sure that Cisco won't be on the list?

because they go to long lengths to hide their 'features' ( so it doesn’t become a well known attack vector) and if you have any time administering enterprise class hardware you will know by their website its VERY hard to find if the bug/vulnerability has been patched.

cisco are like the nvidia of the networking world.


that said in reliability terms their kit is both expensive but amazingly solid.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Hardware News
Overclock.net › Forums › Industry News › Hardware News › [Ars] ‘90s-style security flaw puts “millions” of routers at risk