Sunday, May 24, 2015

Tabula Rosa Systems Blog Of 5/24/2015 - Long List Of Devices Believed To Be Affected by NetUSB Vulnerability

May 19, 2015 SC Magazine

Long list of devices believed to be affected by NetUSB vulnerability
The vulnerability was identified by researchers with SEC Consult, who initially discovered the issue on a TP-LINK device.
Potentially millions of devices around the globe – notably routers – are vulnerable due to a remotely exploitable kernel stack buffer overflow (CVE-2015-3036) identified in NetUSB, a Linux kernel module developed by Taiwan-based KCodes that is used to provide USB device sharing on a home network.
The issue presents itself when a client sends the computer name as part of the “connection initiation,” a Tuesday blog post stated, explaining that the stack buffer overflows when specifying a name longer than 64 characters.
“Because of insufficient input validation, an overly long computer name can be used to overflow the ‘computer name’ kernel stack buffer,” according to a Tuesday advisory. “This results in memory corruption which can be turned into arbitrary remote code execution [or denial-of-service].”
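The input validation the advisory says is missing, written out as a bounds-checked parser. This is an added illustration, not KCodes or SEC Consult code: the 4-byte length prefix, the function names and the status codes are assumptions, and only the 64-character limit comes from the article.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define COMPUTER_NAME_MAX 64 /* limit quoted in the article */

enum { NAME_OK = 0, NAME_SHORT_MSG = -1, NAME_TOO_LONG = -2 };

/* Assumed wire layout (not from the article): 4-byte little-endian length,
 * then that many name bytes. The flawed pattern is copying `len` bytes into
 * a fixed stack buffer without comparing `len` to the buffer size. */
int read_computer_name(const uint8_t *msg, size_t msg_len,
                       char out[COMPUTER_NAME_MAX + 1])
{
    uint32_t len;
    if (msg_len < 4)
        return NAME_SHORT_MSG;
    len = (uint32_t)msg[0] | (uint32_t)msg[1] << 8 |
          (uint32_t)msg[2] << 16 | (uint32_t)msg[3] << 24;
    if (len > COMPUTER_NAME_MAX)  /* the validation the advisory says is missing */
        return NAME_TOO_LONG;
    if (len > msg_len - 4)        /* claimed length exceeds the bytes received */
        return NAME_SHORT_MSG;
    memcpy(out, msg + 4, len);
    out[len] = '\0';
    return NAME_OK;
}

/* Constructed sample: header claims `claimed` bytes, body carries `sent`. */
int check_sample(uint32_t claimed, size_t sent)
{
    uint8_t msg[4 + 256];
    char name[COMPUTER_NAME_MAX + 1];
    if (sent > 256)
        return NAME_SHORT_MSG;
    msg[0] = claimed & 0xff;
    msg[1] = (claimed >> 8) & 0xff;
    msg[2] = (claimed >> 16) & 0xff;
    msg[3] = (claimed >> 24) & 0xff;
    memset(msg + 4, 'A', sent);
    return read_computer_name(msg, 4 + sent, name);
}

int main(void)
{
    printf("64-byte name: %d\n", check_sample(64, 64));
    printf("65-byte name: %d\n", check_sample(65, 65));
    return 0;
}
```

The second check matters as much as the first: a length that fits the buffer but exceeds the bytes actually received would otherwise read past the end of the message.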
The vulnerability was identified by researchers with SEC Consult, who initially discovered the issue on a TP-LINK device and later verified that the bug exists in the most recent firmware versions of TP-LINK TL-WDR4300 V1, TP-LINK TL-WR1043ND V2, and NETGEAR WNDR4500.
SEC Consult went on to identify NetUSB in the most recent firmware versions of several other products, including D-Link DIR-615 C, as well as several other NETGEAR, TP-Link, TRENDnet, and ZyXEL devices.
Altogether, based on data embedded in KCodes drivers, researchers believe the following are among vendors that are affected: ALLNET, Ambir Technology, AMIT, Asante, Atlantis, Corega, Digitus, D-Link, EDIMAX, Encore Electronics, EnGenius, Hawking Technology, IOGEAR, LevelOne, LONGSHINE, NETGEAR, PCI, PROLiNK, Sitecom, TP-LINK, TRENDnet, Western Digital, and ZyXEL.
According to the advisory, SEC Consult contacted KCodes numerous times throughout February and into March, but a fix was not made available. SEC Consult later contacted TP-LINK and NETGEAR, as well as CERT Coordination Center (CERT/CC) and other CERTs, before making a public disclosure.
“To this day, only TP-LINK released fixes for the vulnerability and provided a release schedule for about 40 products,” the blog post said. “Sometimes NetUSB can be disabled via the web interface, but at least on NETGEAR devices this does not mitigate the vulnerability. NETGEAR told us, that there is no workaround available, the TCP port can't be firewalled nor is there a way to disable the service on their devices.”
According to a CERT/CC advisory, blocking port 20005 on the local network could help mitigate the issue by preventing access to the service.
Good Netiquette And A Green Internet To All!



