Info

Disclosure

Jun 18, 2003

Discovery

Jun 03, 2003

Dates

Exploit

Unknown

Solution

Unknown

Description

Avaya Cajun switches contain a flaw with firmware versions up to and including 3.x that may allow a malicious attacker to cause a Denial of Service. The switch does not properly handle traffic to port 4000 and it may cause the switch to stop responding and eventually reset.

Classification

Attack Type: Denial of Service
Impact: Loss of Availability

Solution

Upgrade to software version 4.0 or higher as it has been reported to have fixed the issue. If unable to upgrade then it is advised to filter access to the device so that only trusted hosts can establish TCP connections.

Products

Avaya Inc.	Cajun	G700
		P130
		P330

References

ISS X-Force ID: 12356
Bugtraq ID: 7961
Secunia Advisory ID: 9075
Vendor Specific Advisory URL: http://support.avaya.com/japple/css/japple?PAGE=avaya.css.OpenPage&temp.template.name=SecurityAdvisory

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Avaya Inc.

Cajun

References

Credit