May 19, 2015 SC Magazine
Long list of devices believed to be affected by NetUSB vulnerability
The vulnerability was identified by researchers with SEC Consult, who initially discovered the issue on a TP-LINK device.
Potentially millions of devices around the globe – notably routers – are vulnerable due to a remotely exploitable kernel stack buffer overflow (CVE-2015-3036) identified in NetUSB, a Linux kernel module developed by Taiwan-based KCodes that is used to provide USB device sharing on a home network.
The issue presents itself when a client sends the computer name as part of the “connection initiation,” a Tuesday blog post stated, explaining that the stack buffer overflows when specifying a name longer than 64 characters.
“Because of insufficient input validation, an overly long computer name can be used to overflow the “computer name” kernel stack buffer,” according to a Tuesday advisory. “This results in memory corruption which can be turned into arbitrary remote code execution [or denial-of-service].”
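As an added illustration (not KCodes code, and not taken from the article or the advisory), the unchecked copy the advisory describes is shown here beside a length-validated version. The 64-byte buffer size comes from the article; the length-prefixed message layout and all function names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NAME_BUF_LEN 64            /* buffer size given in the article */

/* Assumed layout (constructed, not the NetUSB wire format):
 * 4-byte little-endian length, then that many bytes of computer name. */
static uint32_t read_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Flawed pattern: the sender's length field is trusted, so a value above
 * NAME_BUF_LEN makes memcpy write past the end of the stack buffer. */
int parse_name_unchecked(const uint8_t *msg, size_t msg_len, char *out)
{
    char name[NAME_BUF_LEN] = {0};
    if (msg_len < 4)
        return -1;
    uint32_t n = read_le32(msg);
    memcpy(name, msg + 4, n);          /* BUG: n is never bounded */
    memcpy(out, name, NAME_BUF_LEN);   /* out must hold NAME_BUF_LEN bytes */
    return (int)n;
}

/* Hardened form: reject a length that exceeds either the bytes actually
 * received or the buffer (one byte is kept for the terminating NUL). */
int parse_name_checked(const uint8_t *msg, size_t msg_len,
                       char out[NAME_BUF_LEN])
{
    if (msg_len < 4)
        return -1;                     /* header truncated */
    uint32_t n = read_le32(msg);
    if (n > msg_len - 4)
        return -2;                     /* length field exceeds payload */
    if (n >= NAME_BUF_LEN)
        return -3;                     /* name would not fit: drop it */
    memcpy(out, msg + 4, n);
    out[n] = '\0';
    return (int)n;
}
```

Both functions agree on well-formed input; only the checked one refuses a declared length the buffer cannot hold.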
The vulnerability was identified by researchers with SEC Consult, who initially discovered the issue on a TP-LINK device and later verified that the bug exists in the most recent firmware versions of TP-LINK TL-WDR4300 V1, TP-LINK TL-WR1043ND V2, and NETGEAR WNDR4500.
SEC Consult went on to identify NetUSB in the most recent firmware versions of several other products, including D-Link DIR-615 C, as well as several other NETGEAR, TP-Link, TRENDnet, and ZyXEL devices.
Altogether, based on data embedded in KCodes drivers, researchers believe the following are among vendors that are affected: ALLNET, Ambir Technology, AMIT, Asante, Atlantis, Corega, Digitus, D-Link, EDIMAX, Encore Electronics, EnGenius, Hawking Technology, IOGEAR, LevelOne, LONGSHINE, NETGEAR, PCI, PROLiNK, Sitecom, TP-LINK, TRENDnet, Western Digital, and ZyXEL.
According to the advisory, SEC Consult contacted KCodes numerous times throughout February and into March, but a fix was not made available. SEC Consult later contacted TP-LINK and NETGEAR, as well as CERT Coordination Center (CERT/CC) and other CERTs, before making a public disclosure.
“To this day, only TP-LINK released fixes for the vulnerability and provided a release schedule for about 40 products,” the blog post said. “Sometimes NetUSB can be disabled via the web interface, but at least on NETGEAR devices this does not mitigate the vulnerability. NETGEAR told us, that there is no workaround available, the TCP port can't be firewalled nor is there a way to disable the service on their devices.”
According to a CERT/CC advisory, blocking port 20005 on the local network could help mitigate the issue by preventing access to the service.