Denial of Service Database


From: Virsoft (virsoft@VIRSOFT.COM)
To: BUGTRAQ@netspace.org
Date: Mon, 25 Jan 1999 01:03:02 -0700
Subject: baynetworks router DoS

In the last night, i was testing DoS with several Baynetworks routers (serie 1000). I discovered that
they reset when you put a login bigger than 256 bytes, and if you put the same into the password query,
the never more work until manual reset. 


---------- Forwarded message ----------
Date: Mon, 25 Jan 1999 16:18:22 -0600
From: clarke@pangaealink.com
To: "C. Dale" (cdale@home.isolnet.com)
Subject: Re: baynetworks router DoS (fwd)


Thanks. I tried this on our router and it did not crash it. It is a
Baynetworks Access Node router. Not sure what the series is, but
this did not crash the AN router..

Chad


From: John (flamingdog@YAHOO.COM)
To: BUGTRAQ@netspace.org
Date: Tue, 26 Jan 1999 02:45:31 -0800
Subject: Re: baynetworks router DoS

I asked a friend at Baynetworks about it and he replied with this:


Never heard of a Bay 1000 router, there is a c-1000 switch that does
atm,DS3 Banwidth aggregation for carriers like MCI. Its new, like 6
months.



From: Virsoft (virsoft@VIRSOFT.COM)
To: BUGTRAQ@netspace.org
Date: Wed, 27 Jan 1999 04:48:38 -0700
Subject: baynetwork DoS

In my last email there were some errors, I wrote few data about the model and revision software. The
tested router werent serie 1000, it was an error. The router model are

ARN Baynetwork router
the release software is:
Image: rev/11.03/4 Created on Tue Jul 7 11:29:36 EDT 1998.
MIB Version: x11.02


From: Anton Rager (a_rager@YAHOO.COM)
To: BUGTRAQ@netspace.org
Date: Tue, 26 Jan 1999 17:12:32 -0800
Subject: Re: baynetworks router DoS

The Centillion 1000 [c-1000] referenced is actually an ATM switch, and
the unit/operational code was developed by NEC, and is resold by Bay
[now Nortel].  We have a C1400 with an slightly older revision of code
[7.01], and can't duplicate the problem -- besides, it only asks for a
password initially, then you can enable priv access with another
password....not the sequence described.

Perhaps he is referring to the Bay/Nortel Accelar 1000 series layer
2/layer 3 switches.  They function as an IP router.  I'm running 1.3.0
boot and runtime code on an Accelar 1200, and can't duplicate the
problem.  Perhaps he is using older/newer code?

Also tested with BCN/ASN/AN Bay routers, and can't duplicate the
problem with version 9.00 or 12.10 operational code.

I have no clue what VIRSOFT@VIRSOFT.COM is testing with......

Anton Rager



From: Neale Banks (neale@LOWENDALE.COM.AU)
To: BUGTRAQ@netspace.org
Date: Wed, 27 Jan 1999 15:35:33 +1100
Subject: Re: baynetworks router DoS

On Mon, 25 Jan 1999, Virsoft wrote:

> In the last night, i was testing DoS with several Baynetworks routers
> (serie 1000). I discovered that they reset when you put a login bigger
> than 256 bytes, and if you put the same into the password query, the
> never more work until manual reset.

Which model of Bay router?  If you are refering to sovtware release 10.00,
then that's *old* (current is 13.xx).

This is not reproducible on telnet login to an ARN running s/w 13.01.

Neale.