CVE-2002-1865

Name of the Vulnerable Software and Affected Versions D-Link DI-804 version 4.68 D-Link Dl-704 versions 2.56b5 through 2.56b6 Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router versions 1.37.2 through 1.42.7 Linksys WAP11 versions 1.3 through 1.4

Description A buffer overflow issue in the Embedded HTTP server allows remote attackers to cause a denial of service (crash) by sending a long header, such as the Host header.

Recommendations For D-Link DI-804 version 4.68, consider disabling the Embedded HTTP server until a patch is available. For D-Link Dl-704 versions 2.56b5 through 2.56b6, restrict access to the Embedded HTTP server to minimize the risk of exploitation. For Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router versions 1.37.2 through 1.42.7, avoid using long headers in the HTTP requests until the issue is resolved. For Linksys WAP11 versions 1.3 through 1.4, as a temporary workaround, consider disabling the Embedded HTTP server until a patch is available.