Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Di-604 | D-link | * | * |
| Di-614+ | D-link | 2.30 (including) | 2.30 (including) |
| Di-624 | D-link | 1.28 (including) | 1.28 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=108844250013785\u0026w=2
- http://secunia.com/advisories/12018
- http://www.osvdb.org/7294
- http://www.securityfocus.com/archive/1/367485
- http://www.securityfocus.com/bid/10621
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16531
- http://marc.info/?l=bugtraq\u0026m=108844250013785\u0026w=2
- http://secunia.com/advisories/12018
- http://www.osvdb.org/7294
- http://www.securityfocus.com/archive/1/367485
- http://www.securityfocus.com/bid/10621
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16531