Avaya Cajun switches contain a flaw with firmware versions up to and including 3.x that may allow a malicious attacker to cause a Denial of Service. The switch does not properly handle traffic to port 4000 and it may cause the switch to stop responding and eventually reset.

By connecting to tcp port 4000 on the switch and sending at least five
bytes, of which the first four represent a negative integer will cause the
switch to stall, after some time the switch reboots. Example:

sq5bpf@hash:~$ printf "x80dupa"|nc -v -v -v -n 192.168.66.3 4000
(UNKNOWN) [192.168.66.3] 4000 (?) open
[the connections stalls]

The time the switch needs to become operational again is about 30 seconds,
after this time the attack can be repeated.

Upgrade to software version 4.0 or higher as it has been reported to have fixed the issue. If unable to upgrade then it is advised to filter access to the device so that only trusted hosts can establish TCP connections.

• ISS X-Force ID: 12356
• Bugtraq ID: 7961
• Secunia Advisory ID: 9075
• Vendor Specific Advisory URL: http://support.avaya.com/japple/css/japple?PAGE=avaya.css.OpenPage&temp.template.name=SecurityAdvisory

Unknown or Incomplete

We currently have no CVSS2 data on this vulnerability. Feel free to suggest it.