Vulnerability Name:

CVE-2006-1068 (CCN-25230)

Assigned:2006-03-03
Published:2006-03-03
Updated:2018-10-18
Summary:Netgear 614 and 624 routers, possibly running VXWorks, allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value.
This vulnerability may affects NetGear Router models 614 and 624 (including WGR614, WGT624, WGT624SC, WGU624, and possibly others) and is most likely related to VXWorks.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: BugTraq Mailing List, Fri Dec 30 2005 - 01:00:56 CST
Various router DoS

Source: CCN
Type: BugTraq Mailing List, Fri Mar 03 2006 - 17:46:08 CST
linksys router + irc DoS

Source: MITRE
Type: CNA
CVE-2006-1067

Source: MITRE
Type: CNA
CVE-2006-1068

Source: MISC
Type: Exploit
http://www.hm2k.org/news/1141413208.html

Source: CCN
Type: OSVDB ID: 60407
NETGEAR Multiple Router Malformed DCC IRC SEND String Handling Remote DoS

Source: CCN
Type: OSVDB ID: 60408
Cisco Linksys WRT54G Malformed DCC IRC SEND String Handling Remote DoS

Source: BUGTRAQ
Type: UNKNOWN
20060304 Various router DoS

Source: BUGTRAQ
Type: UNKNOWN
20060303 linksys router + irc DoS

Source: BUGTRAQ
Type: Vendor Advisory
20060306 Re: linksys router + irc DoS

Source: BUGTRAQ
Type: UNKNOWN
20060306 RE: linksys router + irc DoS

Source: BID
Type: UNKNOWN
16954

Source: CCN
Type: BID-16954
Multiple Router Vendor Remote IRC Denial Of Service Vulnerability

Source: XF
Type: UNKNOWN
multiple-vendor-dccsend-dos(25230)

Source: XF
Type: UNKNOWN
multiple-vendor-dccsend-dos(25230)

Vulnerable Configuration:Configuration 1:
  • cpe:/h:netgear:netgear_router:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:linksys:wrt54g:*:*:*:*:*:*:*:*
  • OR cpe:/h:netgear:wgt624:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    netgear netgear router *
    linksys wrt54g *
    netgear wgt624 *