Details of VAR-200212-0204

ID

VAR-200212-0204

CVE

CVE-2002-2116

TITLE

Netgear SOHO Router UDP Port Scan Denial of Service Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2002-0268 // CNNVD: CNNVD-200212-809

DESCRIPTION

Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (crash) via a UDP port scan, as demonstrated using nmap. RM-356 is a hardware router developed by Netgear, suitable for home or small office networks. UDP scanning will crash RM-356 and RT-338. A cold boot is required to return to normal. # nmap -sU 210.9.238.103 -T5 At this time, a crashdump occurred on the RM-356 console, and the information is as follows Menu 24.2.1-System Maintenance-Information Name: ******* _ netgear Routing: IP RAS F / W Version: V2.21 (I.03) | 3/30/2000 MODEM 1 F / W Version: V2.210-V90_2M_DLS Country Code: 244 LAN Ethernet Address: 00: a0: c5: e3: **: ** IP Address: 192.168.0.1 IP Mask: 255.255.255.0 DHCP: Server CRASHDUMP :: 54f7a0: 00 54 f7 a8 00 21 e9 38 00 54 f8 10 00 21 e9 38 .T ...!. 8.T ...!. 8 54f7b0: 00 00 00 07 00 41 37 bc 00 2b 09 ca 00 00 00 00 ..... A7 .. + ...... 54f7c0: 00 55 24 4c 00 2b 09 b2 00 00 00 00 00 55 24 4c .U $ L. + ....... U $ L 54f7d0: 00 00 00 05 00 00 00 00 00 21 16 24 00 57 26 04 .........!. $. W &. 54f7e0: 00 58 5e e8 00 21 16 24 00 00 26 04 00 21 16 24 .X ^ ..!. $ .. & ..!. $ 54f7f0: 00 41 20 00 00 54 f8 10 00 21 ea 34 00 41 20 00 .A ..T ...!. 4.A. 54f800: 00 00 00 07 ff ff ff ff 00 54 f8 10 00 21 e6 6e ......... T ...!. N 54f810: 00 54 f8 2c 00 21 e6 6e 00 41 37 bc ff ff ff ff .T.,.!. N.A7 ..... 54f820: ff ff 20 04 00 5e 2e 60 00 40 f7 20 00 54 f8 68 .. ^. `. @. .T.h 54f830: 00 21 b0 00 00 00 00 01 00 2b 09 ca ff ff ff ff.! ....... + ...... 54f840: 00 00 00 07 00 2b 09 b2 00 5e 2e 60 00 00 00 00 ..... + ... ^. `... 54f850: ff ff ff ff 00 00 00 00 00 00 00 00 00 54 f9 9c ............. T .. 54f860: 00 5e 2e 60 00 00 00 00 00 54 f8 a8 00 21 a8 1a. ^. `..... T ...! .. 54f870: 00 00 00 07 ff ff ff ff 00 5e 2e 60 00 00 00 00 ......... ^. `... 54f880: 00 00 00 08 00 00 00 00 00 00 00 21 00 00 00 24 ...........! ... $ 54f890: 00 00 00 00 00 54 f9 9c 00 5f ec d0 00 55 24 4c ..... T ..._... U $ L 54f8a0: 00 55 24 4c 00 5e 2e 60 00 54 f8 fc 00 23 b8 42 .U $ L. ^. `.T ... #. B Boot Module Version: 4.40. Built at Wed Feb 23 14:00:29 2000 But TCP connect () scans normally. It is worth noting that even if SNMP 161 / UDP is not open, the above scan will also cause a crash. Problem possible In the filtering code. Most SOHO Netgear devices have a simple filtering mechanism. It is maintained and distributed by Netgear. Under some circumstances, a portscan of the router could cause a denial of service. It has been reported that portscanning a RM-356 with UDP causes the router to become unstable. This is usually accompanied by a crash, requiring a power cycling of the router to resume normal operation. It is also reported that this problem seems to affect port 161/UDP (SNMP) specifically. This problem has been reported to also affect the RT-338 models, and may affect others

Trust: 1.8

sources: NVD: CVE-2002-2116 // CNVD: CNVD-2002-0268 // BID: 4111 // VULHUB: VHN-6499

AFFECTED PRODUCTS

vendor:	netgear	model:	rm356	scope:	eq	version:	*	Trust: 1.0
vendor:	netgear	model:	rt338	scope:	eq	version:	*	Trust: 1.0
vendor:	none	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	rm356	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	rt338	scope:	-	version:	-	Trust: 0.6
vendor:	netgear	model:	rt-338	scope:	-	version:	-	Trust: 0.3
vendor:	netgear	model:	rm-356	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2002-0268 // BID: 4111 // CNNVD: CNNVD-200212-809 // NVD: CVE-2002-2116

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-2116
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200212-809
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-6499
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2002-2116
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-6499
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-6499 // CNNVD: CNNVD-200212-809 // NVD: CVE-2002-2116

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-2116

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200212-809

TYPE

Design Error

Trust: 0.9

sources: BID: 4111 // CNNVD: CNNVD-200212-809

EXTERNAL IDS

db:	NVD	id:	CVE-2002-2116	Trust: 2.3
db:	BID	id:	4111	Trust: 2.0
db:	CNNVD	id:	CNNVD-200212-809	Trust: 0.7
db:	CNVD	id:	CNVD-2002-0268	Trust: 0.6
db:	NSFOCUS	id:	2332	Trust: 0.6
db:	BUGTRAQ	id:	20020215 RE: REMOTE DOS IN NETGEAR RM-356	Trust: 0.6
db:	BUGTRAQ	id:	20020215 REMOTE DOS IN NETGEAR RM-356	Trust: 0.6
db:	XF	id:	8206	Trust: 0.6
db:	VULHUB	id:	VHN-6499	Trust: 0.1

sources: CNVD: CNVD-2002-0268 // VULHUB: VHN-6499 // BID: 4111 // CNNVD: CNNVD-200212-809 // NVD: CVE-2002-2116

REFERENCES

url:	http://www.securityfocus.com/bid/4111	Trust: 1.7
url:	http://archives.neohapsis.com/archives/bugtraq/2002-02/0183.html	Trust: 1.7
url:	http://archives.neohapsis.com/archives/bugtraq/2002-02/0162.html	Trust: 1.7
url:	http://www.iss.net/security_center/static/8206.php	Trust: 1.7
url:	http://www.nsfocus.net/vulndb/2332	Trust: 0.6
url:	http://www.netgear.com/product_view.asp?xrp=4&yrp=10&zrp=33	Trust: 0.3

sources: VULHUB: VHN-6499 // BID: 4111 // CNNVD: CNNVD-200212-809 // NVD: CVE-2002-2116

CREDITS

Ben Ryan※ ben@bssc.edu.au

Trust: 0.6

sources: CNNVD: CNNVD-200212-809

SOURCES

db:	CNVD	id:	CNVD-2002-0268
db:	VULHUB	id:	VHN-6499
db:	BID	id:	4111
db:	CNNVD	id:	CNNVD-200212-809
db:	NVD	id:	CVE-2002-2116

LAST UPDATE DATE

2025-04-03T22:35:06.869000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2002-0268	date:	2002-02-22T00:00:00
db:	VULHUB	id:	VHN-6499	date:	2008-09-05T00:00:00
db:	BID	id:	4111	date:	2002-02-15T00:00:00
db:	CNNVD	id:	CNNVD-200212-809	date:	2006-01-25T00:00:00
db:	NVD	id:	CVE-2002-2116	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2002-0268	date:	2002-02-15T00:00:00
db:	VULHUB	id:	VHN-6499	date:	2002-12-31T00:00:00
db:	BID	id:	4111	date:	2002-02-15T00:00:00
db:	CNNVD	id:	CNNVD-200212-809	date:	2002-02-15T00:00:00
db:	NVD	id:	CVE-2002-2116	date:	2002-12-31T05:00:00