[gull-annonces] SecurityFocus Newsletter #329 Summary

Marc SCHAEFER schaefer at alphanet.ch
Mon Dec 26 09:10:31 CET 2005


Nortel SSL VPN Web Interface Input Validation Vulnerability
BugTraq ID: 15798
Remote: Yes
Date Published: 2005-12-12
Relevant URL: http://www.securityfocus.com/bid/15798
Summary:
Nortel SSL VPN is prone to an input validation vulnerability.  This issue 
could be exploited to cause arbitrary commands to be executed on a user's 
computer.  Cross-site scripting attacks are also possible.

Nortel SSL VPN 4.2.1.6 is vulnerable to this issue; other versions may also 
be affected.

[ firmware, apparently ]

NetGear RP114 SYN Flood Denial Of Service Vulnerability
BugTraq ID: 15816
Remote: Yes
Date Published: 2005-12-12
Relevant URL: http://www.securityfocus.com/bid/15816
Summary:
The NetGear RP114 device is prone to a denial of service vulnerability. 

Communications between the external and internal Ethernet interface may be 
halted by initiating a TCP SYN flood to the external interface of the device.

This issue allows attackers to block network traffic to arbitrarily targeted 
network services, effectively denying service to legitimate users of the 
device.

[ firmware ]

Apache mod_imap Referer Cross-Site Scripting Vulnerability
BugTraq ID: 15834
Remote: Yes
Date Published: 2005-12-13
Relevant URL: http://www.securityfocus.com/bid/15834
Summary:
mod_imap is prone to a cross-site scripting vulnerability.  This issue is 
due to a failure in the module to properly sanitize user-supplied input.

An attacker may leverage this issue to have arbitrary script code executed 
in the browser of an unsuspecting user in the context of the affected site.  
This may facilitate the theft of cookie-based authentication credentials as 
well as other attacks.

VCD-db Multiple Input Validation Vulnerabilities
BugTraq ID: 15840
Remote: Yes
Date Published: 2005-12-13
Relevant URL: http://www.securityfocus.com/bid/15840
Summary:
VCD-db is prone to multiple input validation vulnerabilities. These issues 
are due to a failure in the application to properly sanitize user-supplied 
input.

Successful exploitation of these vulnerabilities could result in a 
compromise of the application, disclosure or modification of data, and the 
theft of cookie-based authentication credentials. They may also permit an 
attacker to exploit vulnerabilities in the underlying database 
implementation as well as other attacks.

Multiple Linksys Routers LanD Packet Denial Of Service Vulnerability
BugTraq ID: 15861
Remote: Yes
Date Published: 2005-12-14
Relevant URL: http://www.securityfocus.com/bid/15861
Summary:
Multiple Linksys devices are prone to a denial of service vulnerability.

These devices are susceptible to a remote denial of service vulnerability 
when handling TCP 'LanD' packets.

This issue allows remote attackers to crash affected devices, or to 
temporarily block further network routing functionality. This will deny 
further network services to legitimate users.

Linksys BEFW11S4 and WRT54GS devices are reportedly affected by this issue. 
Due to code reuse among devices, other devices may also be affected.

[ firmware ]

Multiple Unspecified Cisco Catalyst Switches LanD Packet Denial Of Service Vulnerability
BugTraq ID: 15864
Remote: Yes
Date Published: 2005-12-14
Relevant URL: http://www.securityfocus.com/bid/15864
Summary:
Multiple unspecified Cisco Catalyst switches are prone to a denial of 
service vulnerability.

These devices are susceptible to a remote denial of service vulnerability 
when handling TCP 'LanD' packets.

This issue allows remote attackers to crash affected devices, or to 
temporarily block further network routing functionality. This will deny 
further network services to legitimate users.

As no specific Cisco devices were identified by the reporter of this issue, 
all Cisco Catalyst devices have been marked as vulnerable. This BID will be 
updated as further information on affected packages is available.

[ firmware ]

Westell Versalink 327W LanD Packet Denial Of Service Vulnerability
BugTraq ID: 15869
Remote: Yes
Date Published: 2005-12-14
Relevant URL: http://www.securityfocus.com/bid/15869
Summary:
Westell Versalink 327W is prone to a denial of service vulnerability.

These devices are susceptible to a remote denial of service vulnerability 
when handling TCP 'LanD' packets.

This issue allows remote attackers to crash affected devices, or to 
temporarily block further network routing functionality. This will deny 
further network services to legitimate users.

Westell Versalink 327W is reportedly affected by this issue. Due to code 
reuse among devices, other devices may also be affected.

[ firmware ]

Scientific Atlanta DPX2100 Cable Modem LanD Packet Denial Of Service Vulnerability
BugTraq ID: 15870
Remote: Yes
Date Published: 2005-12-14
Relevant URL: http://www.securityfocus.com/bid/15870
Summary:
Scientific Atlanta DPX2100 cable modems are prone to a denial of service 
vulnerability.

These devices are susceptible to a remote denial of service vulnerability 
when handling TCP 'LanD' packets.

This issue allows remote attackers to crash affected devices, or to 
temporarily block further network routing functionality. This will deny 
further network services to legitimate users.

Scientific Atlanta DPX2100 cable modems are reportedly affected by this 
issue. Due to code reuse among devices, other devices may also be affected.

[ firmware, strange: if this is the same attack as
     http://de.wikipedia.org/wiki/Land_%28TCP-Angriff%29
  it is already 8 years old. And it only concerned Microsoft Windows.
  A fairly widespread, poor-quality embedded TCP/IP stack? ]



