• March 28, 2024, 01:22:41 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Is the DIR-880L affected by the NetUSB vulnerability?  (Read 3542 times)

theduser

  • Level 1 Member
  • *
  • Posts: 12
Is the DIR-880L affected by the NetUSB vulnerability?
« on: May 21, 2015, 09:54:13 AM »

http://blog.sec-consult.com/2015/05/kcodes-netusb-how-small-taiwanese.html

Quote
To get an idea how many products are affected, we downloaded a bunch of firmware images from D-Link, NETGEAR, TP-LINK, Trendnet and ZyXEL (actually, we downloaded all of them). Then we checked if those firmware images contain the NetUSB kernel driver (NetUSB.ko). We found 92 products out of the analysed firmware images that contain the NetUSB code. A list of affected products can be found in our advisory. We did not check the firmware of the remaining 21 vendors.

While only one specific D-Link model (DIR-615) was listed, the advisory notes that more D-Link models are likely to be affected.  D-Link's advisory page http://securityadvisories.dlink.com/security/ mentions a different model (DIR-685) from the one tested by the researcher (DIR-615).

[edit]
Dug deeper and it seems D-Link does not currently use kcode's netusb code:

http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10057
« Last Edit: May 21, 2015, 09:59:04 AM by theduser »
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Is the DIR-880L affected by the NetUSB vulnerability?
« Reply #1 on: May 21, 2015, 10:36:33 AM »

Correct. Enjoy.

Didn't see anything mentioned about a DIR-615...

FYI:
http://forums.dlink.com/index.php?topic=56542.0
« Last Edit: May 21, 2015, 10:49:53 AM by FurryNutz »
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

theduser

  • Level 1 Member
  • *
  • Posts: 12
Re: Is the DIR-880L affected by the NetUSB vulnerability?
« Reply #2 on: May 21, 2015, 11:10:50 AM »

Correct. Enjoy.

Didn't see anything mentioned about a DIR-615...

It's in the detailed report: https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150519-0_KCodes_NetUSB_Kernel_Stack_Buffer_Overflow_v10.txt
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Is the DIR-880L affected by the NetUSB vulnerability?
« Reply #3 on: May 21, 2015, 11:16:33 AM »

Ok, I found it. I've asked about it. So far only the 685 seems to be affected.  ;)
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Is the DIR-880L affected by the NetUSB vulnerability?
« Reply #4 on: May 22, 2015, 07:17:05 AM »

They added the DIR-615 to the list.  ::)
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.