Dreambox DM500 Long Requests Denial of Service Vulnerability

ERCOLINO

Membro dello Staff
Amministratore
Registrato
3 Marzo 2003
Messaggi
247.618
Località
Torino
Secunia Advisory: SA31650
Release Date: 2008-09-02

Critical: Not critical
Impact: DoS
Where: From local network
Solution Status: Unpatched

OS: Dreambox DM500





Description:
Marc Ruef has reported a vulnerability in Dreambox DM500, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the web interface when processing overly long requests. This can be exploited to cause a DoS by sending malicious requests to a vulnerable device.

Solution:
Use a firewall or proxy to filter malicious requests.



Bollettino di Sicurezza
 
Indietro
Alto Basso