DescentBB

A vulnerability has been identified with the BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers

A flaw in the built-in DHCP server causes the routers to send BOOTP reply packets that contain sensitive information about traffic running through the devices as well as other random information about the router's configuration.

Link to firmware

Fixed in this version 1.45.11

1. Fixed CGI string attacks issue
2. Fixed UPnP on Windows XP SP2 issue
3. Fixed One way audio issue
4. Fixed NAT-T issue for some VPN connection
5. Fixed DHCP server revision, fill the siaddr to the server address
6. Fixed DHCP (BOOTP) vulnerability issue
7. Added Filter IDENT(port 113) to appear stealth when scanned
8. Added DHCP option 55 support
9. Fixed buffer leakage bug
10. Modified TCP Support RFC 3360 standard
11. Modified PPPoE/L2TP/PPTP fragmentation supports fragmenting 1 packet into more than 3.
12. Modified MTU/MRU function for better handling

so far it didn't break anything

nice.....thanks for the link

Thx for the notice -- going to fix the one here..

Note that a new version is only available for versions 2 and 1 of the BEFSR41. You can download firmware version 1.45.11 (released June 4, 2004) directly from Linksys.

The latest firmware version for the BEFSR41 v.3 is 1.05.00 and was released April 1st, 2004. Apparently version 3 (the post-Cisco-takeover version) is unaffected.

I have version 2(befsr41) and this firmware broke my router.... the router dont refresh the modem imformation when it runs out...causing the internet conenction to stop every hour. It's a know issue that people are having... but linksys dont know when they will fix it>:( if ever>:(>:( The last 3 firmwares havnt worked with my router, and all the people who had the same issues i did with the last releases will find this one wont work for them eather... i dont believe this isnt a problem with all v2 boxes... so im not sure what it up with it...

since i cant go back to 1.44.2 i went out and bought a d-link router, nice to see a router that works out of the box(so far:P) at least upnp actually works for once and i can do file transfers though messenger programs.

I never had problems with either UPnP or new firmware on my version 2.

That said I like the version 3 MUCH better.

i wish i could find a BEFSR11

Warlock, I have one I no longer use....email me if your interested...

i got a 4 port one in its place now thanx aney ways

i just wish i didnt give mine away cause to me the 1 ports run better than the 4+ ones

How so? I'm aware of RAM issues (if you daisy-chain more than 4 computers to the router it usually crashes because it runs out of RAM).

ive got a 41 ver 2 and it worked. thanks!

I have a 41 ver2 also...
Teddy did you use the updater built into the router or d/l the update utility form linksys?
I used the utility and it worked flawlessly

Warlock wrote:i wish i could find a BEFSR11

new egg has them

I downloaded the update utility each time i tried a new firmware. And it's not just me who has the problem... when chatting with thier live tech support(which was very easy to use) they would ususally say something like "ya, the past six users before you had the exact same problem". it seems there is a batch of routers out there that are version 2 but have some subtle changes???? I'm not compeletly sure all i know is that the last 3 firmwares have been unusable, and they took down the one that worked(they were saving one of the old ones on thier site as it was known that a batch of us were having trouble with the newer firmwares.)

as far as upnp being broken...it was, read the firmware log where they list what was fixed. It's on the page where you get the updates... its listed there as fixed in several updates(the latest firmware supposedly fixes it with sp2) and even tho they clamed to fix it, it never worked properly. when doing file transfers through msn messenger, i could do only 3 transfers before i had to log onto the router and clean out the upnp forwarding section.

yeah, i had a ver2 before this one that crapped out on me. when it worked though it would not take any firmware updates. every time i tried one i had to revert back to the old one to get any kind of functionality out of it

DCrazy wrote:How so? I'm aware of RAM issues (if you daisy-chain more than 4 computers to the router it usually crashes because it runs out of RAM).

routers have RAM in them?!?!?!?!

AceCombat wrote:

DCrazy wrote:How so? I'm aware of RAM issues (if you daisy-chain more than 4 computers to the router it usually crashes because it runs out of RAM).

routers have RAM in them?!?!?!?!

Good god I hope you aren't serious.

Just to put in my own 2 cents, I have a version 1 BEFSR41 that I got 5 years ago. I've NEVER had any problems updating or had any issues with the router firmware. Everything has been perfect. The BEFSR41 is a fantastic piece of hardware. If you are having trouble updating try doing a hardware reset (hold down the reset button) to restore all the factory defaults.

AceCombat wrote: routers have RAM in them?!?!?!?!

as do hard drives, video cards, sound cards, etc

OMG what's next?

AceCombat wrote:computers have RAM in them?!?!?!?!

He needs some serious help since his A+training is not working.... wait didn't he say he was Certified!

Hell, I'm not even certified and I'm a tech over at a mom and pop's chop shop

Uh oh, firmware updates are too complicated for Jim

well if anyone is having probs with the new firmware,I have 2 older versions that you can revert to if needed.

mine kinda of bugged out a few times throughout the day after the upgrade, but i reset the router and all is well now.

i used the stick from a dum-dum pop to do it. yay!

The Befsr41 Ver. 3 is what I've been selling, and ya noticed and applied the update.

I upgraded a Ver. 2 and had no probs.

Resets are your friend at times.

I was going to patch, but not after hearing all these horror stories.

ahhh, xciter got the same bug as me...for the most part it seems to work ok exzcept the dhcp not renewing automatically. For me, when i renew it manually, i get 1 hour, if i click it a second time, it will then give me 24hours....

Jmeat, go ahead and patch as long as you have a working firmware backed up!! Supposedly linksys tech support is emailing me the old version that worked ok.... But that was a week ago, probably will have to get on the chat line and bug them to send it on over again.

WarAdvocat, what older versions do ya have? i'm selling this thing off since it isn't really getting updates anymore and is ususally broken with the new ones anyway.... the bad thing is i cant sell it in it's current state!!

for people needing old firmware, try these:

1.44.2z
http://www.opendrivers.com/mydownload/1 ... SRU31.html

1.45.7
ftp://ftp.linksys.com/pub/befsr41/befsr_fw_1457.zip

I have 2 different versions of the 144x update

1442 and 144z.

Newest version works fine on my rev. 1 4 port router. Must be user error

BUBBALOU wrote:OMG what's next?

AceCombat wrote:computers have RAM in them?!?!?!?!

very funny smarta$$. i said ROUTERS

ccb056 wrote:

AceCombat wrote: routers have RAM in them?!?!?!?!

as do hard drives, video cards, sound cards, etc

i know those devices have RAM for Buffer reasons...i never knew Routers had RAM in them though

AceCombat wrote:routers have RAM in them?!?!?!?!

Think about it Ace...they're really small computers. They have their own OS, so yeah...its gotta have RAM.

hey, i learn new stuff everyday. this happens to be something i didnt know.

yeah

the high $ ones have hdd and every thang. Heck its like the big time plotters i got to see one with its owen OS witch was prity amazing, they wouldent let me play with it though

i went ahead and got me a 11 and took the 41 back to the office its just i allready have a switch and y would i need to have a 4 port router when i have a 8 port switch sitting on top of it.

the reasion i hate the 41 is i have frends that use it and it gives them all kinda of probs when it comes to sharing files over the network.

Thx kurupt, that 1.44.2z firmware was just what i needed!!! hopefully linksys will get it right in the next release(and hopefully it wont take a year to release it...)

no problemo

* Testiculese sets mode -MastersDegree AceCombat

My v2 router wouldn't take the update, but still works fine. I noticed my firmware version is 2.44.2

They put up a new firmware ver. 1.46 that's supposed to fix the DHCP renewal.

DHCP for witch side? Lan or Wan

It doesn't say link to version information
I would have to assume that it is designed to fix the trouble that a lot of people have been having with the 1.45.11 update.

KompresZor wrote:They put up a new firmware ver. 1.46 that's supposed to fix the DHCP renewal.

july 7th