Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/lunnova/puma6fail

CVE-2017-5693 Denial of service vulnerability in Puma 6 modems
https://github.com/lunnova/puma6fail

networking rust security-vulnerability

Last synced: 9 days ago
JSON representation

CVE-2017-5693 Denial of service vulnerability in Puma 6 modems

Host: GitHub
URL: https://github.com/lunnova/puma6fail
Owner: LunNova
License: mit
Created: 2017-04-25T21:25:43.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2024-01-17T01:51:03.000Z (10 months ago)
Last Synced: 2024-05-01T19:51:59.051Z (7 months ago)
Topics: networking, rust, security-vulnerability
Language: Rust
Homepage:
Size: 11.7 KB
Stars: 15
Watchers: 4
Forks: 3
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Puma 6 fail demo

Tool to demonstrate issue from this post found by mackey: https://www.dslreports.com/forum/r31377755-

Proof of concept code is [already public](https://www.theregister.co.uk/2017/04/27/intel_puma6_chipset_trivial_to_dos/) elsewhere.

See [CVE-2017-5693](https://nvd.nist.gov/vuln/detail/CVE-2017-5693).

DoS occurs in either direction - UDP from LAN to WAN or WAN to LAN.

Testing through a local Virgin Media Super Hub 3 modem:

1mbps/2000pps causes ~20ms average latency rise with 200 maximum
2mbps/4000pps causes ~200ms average latency and 65% packet loss
3mbps/6000pps causes ~250ms average latency and 85% packet loss

![Smokeping graph while testing](https://i.imgur.com/eshENJE.png)