[] NeoSense
E X P L O I T S
title author type platform port cve id

Multiple Routers - 'IRC Request' Disconnect Denial of Service

Author: Ryan Meyer
type: dos
platform: hardware
port: 
date_added: 2006-03-03 
date_updated:  
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
It appears that various routers are prone to an IRC-only DoS attack.
Particularly Netgear and Linksys routers have been shown vulnerable.

If a client behind one of the vulnerable routers connects to an IRC server on port 6667
(and only 6667, does not DoS with other ports) and a user posts the following string
in either a channel, private message, ctcp, notice, etc.. the router will drop the connection.
The string is as follows:

DCC SEND anylongrandomstringhere

Further, it appears the routers that are vulnerable to this are running vxworks as their
embedded OS. Older linux Linksys routers appear to be immune.

# milw0rm.com [2006-03-04]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.