On 26 Jun 2009 at 14:54, Christopher Nicholson wrote: > See half way down through this link: > > http://www.freeantivirushelp.com/antivirus_security_updates/antivirus_exploi > t_router/trend_micro_exploit_router_exploit.html >
See also "D-Link Router UPNP Stack Overflow" http://research.eeye.com/html/advisories/published/AD20060714.html and here: Direct Client-to-Client - Wikipedia, the free encyclopedia DCC SEND exploit The DCC send exploit can refer to two bugs, a variant buffer overflow error in mIRC triggered by filenames longer than 14 characters [1] and an input validation error in some routers manufactured by Netgear, D-Link and Linksys, triggered by the use of port 0[citation needed]. The router exploit, in particular, may be triggered when the phrase 'DCC SEND ' followed by at least 11 characters without spaces or newlines appears anywhere in a TCP stream on port 6667, not just when an actual DCC SEND request has been made. http://en.wikipedia.org/wiki/Direct_Client-to-Client -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +-----------------------------------+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
