Exploit 3Com SuperStack 3 NBX 4.0/4.1 - FTPD Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
22060
Проверка EDB
  1. Пройдено
Автор
MICHAEL S. SCHEIDELL
Тип уязвимости
DOS
Платформа
HARDWARE
CVE
cve-2002-2300
Дата публикации
2002-12-02
Код:
source: https://www.securityfocus.com/bid/6297/info

It has been reported that the ftpd server, included in the Embedded Real Time Operating System (ERTOS) of 3Com Superstack 3 NBX IP phones, contains a denial of service vulnerability. This issue can be triggered by sending a CEL paramater of excessive length, effectively causing the ftpd server and various VoIP services to no longer respond.

It should be noted that this issue may be similar to the vulnerability described in BID 679.

Although unconfirmed, it should also be noted that due to the nature of this vulnerability under some circumstances it may be exploited to execute arbitrary code.

CEL aaaa[...]aaaa where string is 2048 bytes long
 
Источник
www.exploit-db.com

Похожие темы