[Am-info] Belkin F5D5230-4 Router Internal Web Request Vulnerability
Fred A. Miller
fm@cupserv.org
Tue, 25 Jun 2002 16:40:16 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Belkin F5D5230-4 Router Internal Web Request Vulnerability
BugTraq ID: 4982
Remote: Yes
Date Published: Jun 10 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4982
Summary:
The Belkin F5D5230-4 4-Port Cable/DSL Gateway Router is a hardware=20
router for a home or small office.
As a feature of the device, it is possible to designate a server on the
internal network which will receive incoming traffic for a given port.=20
For example, the internal web server may receive all port 80 traffic. A
potential issue has been reported in this feature.
Reportedly, a malicious internal attacker may take advantage of this
feature. If the attacker makes a request to the web server, it will=20
appear to originate from the router's external interface. The web=20
server will log the request as originating from this IP address.
A local attacker may be able to take advantage of this vulnerability to
launch attacks against the web server. If detected, the attacks will not
be traced back to the attacker.
- --=20
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org, www.cupserv.org
- --- SuSE Linux v8.0 Pro, Netscape 7.0---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj0Y1TAACgkQB9vk4ichYXfMLgCfc5EPegeHUt8TeIVqg1e2Jpk3
l0UAniaiFOibRukhUYENPPAAmRvGGBaf
=3DPxoL
-----END PGP SIGNATURE-----