The Fritz!Box you have dialled is not recognised
Users who rely on one of the popular Fritz!Box models from AVM for internet telephony may suddenly find themselves unreachable following an attack from the internet. According to a blogger going by the name of maZZoo, an error in the firmware for the Fritz!Box Fon 7050 and other models lets an attacker crash the VoIP application using a UDP packet with a zero-length payload.
The VoIP function listens on port 5060 for SIP packets. According to maZZoo, AVM confirmed the bug around 6 months ago, but has still not released a bug-free firmware version. The Internet Storm Center's sensors have seen a slight increase in activity on port 5060 since the blog entry was published. There is still no update available to fix the problem.
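As an added example (not code from maZZoo, AVM or the Internet Storm Center), the following sketch shows how a sensor or filter in front of the router could recognise the traffic described above: an IPv4/UDP datagram to port 5060 whose UDP length field covers only the 8-byte header. The sample packets and addresses are constructed for illustration, and the function names are assumptions of this example.

```python
import struct

SIP_PORT = 5060        # port the VoIP function listens on, per the article
UDP_PROTO = 17         # IPv4 protocol number for UDP
UDP_HEADER_LEN = 8     # a UDP length of exactly 8 means "no payload"

def is_empty_sip_datagram(packet: bytes) -> bool:
    """True for a raw IPv4/UDP packet to port 5060 that carries no payload."""
    if len(packet) < 20:
        return False                          # shorter than a minimal IPv4 header
    version, ihl = packet[0] >> 4, (packet[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl + UDP_HEADER_LEN:
        return False                          # not IPv4, bad IHL, or truncated
    if packet[9] != UDP_PROTO:
        return False
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return False                          # later fragment: no UDP header here
    _sport, dport, udp_len, _csum = struct.unpack("!HHHH", packet[ihl:ihl + 8])
    return dport == SIP_PORT and udp_len == UDP_HEADER_LEN

def build_ipv4_udp(src, dst, sport, dport, payload=b""):
    """Build constructed sample bytes for the demo (checksums left at zero)."""
    udp = struct.pack("!HHHH", sport, dport, UDP_HEADER_LEN + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64,
                     UDP_PROTO, 0, bytes(src), bytes(dst))
    return ip + udp

# Constructed samples using documentation address ranges (RFC 5737).
SRC, DST = (198, 51, 100, 7), (192, 0, 2, 1)
SAMPLES = {
    "empty datagram to 5060": build_ipv4_udp(SRC, DST, 40000, SIP_PORT),
    "SIP OPTIONS to 5060": build_ipv4_udp(
        SRC, DST, 40001, SIP_PORT, b"OPTIONS sip:user@example.invalid SIP/2.0\r\n\r\n"),
    "empty datagram to 53": build_ipv4_udp(SRC, DST, 40002, 53),
}

def flagged(samples):
    """Names of the samples the check would alert on or drop."""
    return [name for name, pkt in samples.items() if is_empty_sip_datagram(pkt)]

if __name__ == "__main__":
    for name in flagged(SAMPLES):
        print("ALERT:", name)
```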
Other routers have their own problems. Users on the LAN can change settings on Telekom Speedport 500V routers. By faking a cookie with a fixed password programmed into the firmware (TECOM), it is possible to circumvent the login page and access the router. This password can only be changed by compiling the GPL-licensed source code. The current firmware version 1.31 is affected.
- Fritz!Box 7050 (and others) DoS, blog entry by maZZoo
- The Internet Storm Center's port activity monitor
- T-Com Speedport 500V Login bypass, security advisory on Full Disclosure