Cajun Switch Negative Integer Handling Remote DoS

high Nessus Plugin ID 11759

Language:

Synopsis

The remote switch has a denial of service vulnerability.

Description

The remote host appears to be a Avaya Cajun switch. It was possible to crash it by sending a malformed string to TCP port 4000. These attacks disable the switch for thirty seconds.

A remote attacker could use this to repeatedly disable the switch, affecting network availability.

Solution

Contact Avaya for a patch.

See Also

https://seclists.org/bugtraq/2003/Jun/145

Plugin Details

Severity: High

ID: 11759

File Name: cajun_switch_dos.nasl

Version: 1.15

Type: remote

Published: 6/18/2003

Updated: 11/15/2018

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 6/18/2003

Reference Information

BID: 7961

Secunia: 9075