Allegro RomPager 4.07 < 4.34 Multiple Vulnerabilities (Misfortune Cookie)

Critical Nessus Network Monitor Plugin ID 8614


According to its banner, the remote host is running an embedded web server which may be vulnerable to multiple attack vectors.


The remote host is running RomPager, an embedded web server most often used to provide web administration capabilities for networked printers, network switches, and other devices.

Versions of RomPager 4.07 and prior to 4.34 are potentially affected by multiple issues :

- A buffer overflow vulnerability exists because the RomPager web server fails to perform adequate bounds checks on user-supplied input. Attackers can exploit this issue to execute arbitrary code with the privileged access of RomPager.(CVE-2014-9223)

- A security bypass vulnerability exists due to an error within the HTTP cookie management mechanism (aka, the 'Misfortune Cookie' issue) which could allow any user to determine the 'fortune' of a request by manipulating cookies. An attacker can exploit this issue to corrupt memory and alter the application state by sending specially crafted HTTP cookies. This could be exploited to gain the administrative privileges for the current session by tricking the attacked device. (CVE-2014-9222)

Note: The 'Misfortune Cookie' vulnerability only applies if the cookie feature has been enabled on the RomPager server. Furthermore, some sources indicate that these vulnerabilities can be patched while not affecting or increasing the self-reported RomPager version in the banner.


Contact the vendor for an updated firmware image. Allegro addressed both issues in mid-2005 with RomPager version 4.34.

See Also

Plugin Details

Severity: Critical

ID: 8614

Family: Web Servers

Published: 2015/02/20

Modified: 2016/01/19

Dependencies: 1442

Nessus ID: 80228

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C


Base Score: 9.8

Temporal Score: 9.4


Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:allegrosoft:rompager

Patch Publication Date: 2005/12/30

Vulnerability Publication Date: 2014/12/19

Exploitable With


Metasploit (Allegro Software RomPager 'Misfortune Cookie' Scanner)

Reference Information

CVE: CVE-2014-9222, CVE-2014-9223

BID: 71756, 71744