COMMAND

    Cayman 3220H

SYSTEMS AFFECTED

    Cayman 3220H DSL Router

PROBLEM

    'cassius' found following.   He found another  attack right  about
    the  same  time  they  notified  me  about  the  software  update.
    Versions 5.5 Build  R0, 5.3 Build  R2, 5.3 Build  R1, probably all
    other versions  and the  latest update  are vulnerable  to ping of
    death attacks.

    Exploit:

        ping -t -l 65500 victim.example.com

    All replies  will say  "Request timed  out."   Send it some normal
    pings too.   When you get  time outs from  normal sized pings  the
    attack should be done.

    Sometimes it stops  telnet and http  admin services.   Other times
    the services stay up but the router restarts without routing.   If
    the router survives  just keep hammering  it.  It  will eventually
    hose in one way or another.

SOLUTION

    Vendor has been notified.