Buffer Overflow Vulnerability in D-Link DI-524 Router Web Interface
CVE-2008-1266

Currently unrated

Key Information:

Vendor: D-Link
Status: Di-524
Vendor: CVE Published:; 10 March 2008

What is CVE-2008-1266?

The D-Link DI-524 router is vulnerable to multiple buffer overflow flaws within its web interface, enabling remote attackers to execute a denial of service by sending specially crafted input. Attackers can exploit this by using a lengthy username or an HTTP header with an oversized name and empty value, potentially causing the device to crash or leading to other unspecified impacts.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.gnucitizen.org/projects/router-hacking-challenge/

x_refsource_MISC

http://www.securityfocus.com/bid/28439

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2008
Vulnerability Reserved
Mar 10, 2008