Title: Westell Versalink 327W LanD Packet Denial Of Service Vulnerability
Severity: MODERATE
Description:
Westell Versalink 327W is a consumer DSL router and modem.
Westell Versalink 327W is prone to a denial of service vulnerability. These devices are susceptible to a remote denial of service vulnerability when handling TCP 'LanD' packets.
This issue presents itself when the device attempts to process 'LanD' TCP packets. These packets have their source and destination IP addresses set to IP addresses configured on the targeted multihomed device. If a device has an external IP address of 1.2.3.4, and an internal address of 192.168.1.1, then an attacker may send TCP packets destined for 1.2.3.4 with a spoofed source address of 192.168.1.1. The device fails to properly handle packets such as this, and crashes.
Reportedly, TCP 'LanD' packets containing the PUSH, ACK, SYN, and URG flags may cause affected devices to crash, Packets without these flags may result in a temporary failure to route further traffic.
This issue allows remote attackers to crash affected devices, or to temporarily block further network routing functionality. This will deny further network services to legitimate users.
Westell Versalink 327W is reportedly affected by this issue. Due to code reuse among devices, other devices may also be affected.
Affected Products:
- Westell Versalink 327W 0.0.0
References:
- Westell: Westell Products Page
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
