CVE-2002-1236

Description

The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments.

Affected products

• linksys / befsr411.40.2 – 1.40.2
• linksys / befsr411.41 – 1.41
• linksys / befsr411.42.3 – 1.42.3
• linksys / befsr411.42.7 – 1.42.7

References

• MISChttp://archives.neohapsis.com/archives/vulnwatch/2002-q4/0049.html
• MISChttp://www.securityfocus.com/bid/6086
• MISChttp://www.idefense.com/advisory/10.31.02a.txt
• MISChttp://www.iss.net/security_center/static/10514.php
• MAILING_LISThttp://marc.info/?l=bugtraq&m=103616324103171&w=2