May 30th, 2002, 04:25 PM
Access to intranet ports through 3Com 812 ADSL Router
Found something that I thought Some may need to know....
Madrid, May 29 2002 -- SecurityFocus has released an article -at
which describes how a vulnerability could allow an attacker to access ports
connected to the 3Com OfficeConnect Remote 812 ADSL router.
This problem is related to the use of Port Address Translation (PAT),
communication technology used by routers to allow multiple users in a local
network to access -with their own IP address- the Internet or corporate
networks via a single public address. PAT actually translates multiple
private IP addresses to a single public address, or to a public sub network,
recognized by the IP service provider. This function can reduce operating
costs, increase security and simplify Internet access.
If an attempt is made to connect to a port that is not redirected to a
computer behind the router using PAT, the problem does not occur as the
router won't allow this connection. However, if a connection is made to a
redirected port using PAT and then to any port not redirected using PAT, the
router allows the successive connections to any port. The problem exists
with TCP and with UDP.
The vulnerability is confirmed in firmware versions V1.1.9 and V1.1.7.
[glowpurple]The Nutta [/glowpurple]