Allegro RomPager HTTP Cookie Management Remote Code Execution Vulnerability (Misfortune Cookie)
Critical Nessus Plugin ID 80304
SynopsisThe remote host is affected by multiple remote code execution vulnerabilities.
DescriptionNessus was able to overwrite the request path by sending a specially crafted cookie to the remote web server. It is, therefore, affected by multiple vulnerabilities :
- A flaw in HTTP cookie management in the embedded web server allows a remote attacker to execute arbitrary code with administrative privileges and to possibly conduct attacks against connected devices.
- A digest authentication buffer overflow flaw exists that allows a remote attacker to cause a denial of service or to execute arbitrary code. (CVE-2014-9223)
SolutionContact the vendor for an updated firmware image. Allegro addressed both issues in mid-2005 with RomPager version 4.34.