OSVDB ID: 43704

Title: Nortel VPN Gateway Browser-Based Management Interface (BBI) Username Remote Overflow

Info

Disclosure

Apr 01, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in Nortel VPN Gateway Browser-Based Management Interface (BBI). With a specially crafted request, an attacker can cause a denial of service or gain interactive OS access resulting in a loss of integrity and/or availability.

Classification

Location: Remote/Network Access Required
Attack Type: Authentication Management, Denial of Service
Impact: Loss of Confidentiality, Loss of Availability
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: Vendor Verified

Solution

Upgrade to version 5.1.7, 6.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Nortel Networks

VPN Gateway

&amp;amp;lt;5.1.7

References

Vendor Specific News/Changelog Entry: http://www116.nortel.com/docs/bvdoc/alteon/sslvpn/ssl-vpn_6.0/216372-G_00.pdf
http://www116.nortel.com/docs/bvdoc/alteon/sslvpn/VPN_Gateway_5.1.7_Release_Notes ......

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218